June 13, 2017 By Scott Koegler 2 min read

Another Way to Bridge the Cybersecurity Skills Gap

Terms such as cybersecurity, hacking and data breach have become part of everyday conversation for people who have little understanding of how those activities are accomplished. The devastating effects of cyber incidents have invaded public and private life, and protecting digital assets has become a critical priority for enterprises and governments. Still, according to CSO Online, 1 million cybersecurity jobs are currently unfilled, and the deficit will likely increase through 2021.

The talent pool for every position in the security sector, from chief information security officer (CISO) all the way to cyber analyst, is suffering from underpopulation. At what point would it make sense for one company to acquire another solely to conscript its existing talent?

The Best Talent Money Can Buy

Security professionals need resources and assistance to discover threats and take preventive actions. That often leads companies to enlist cybersecurity firms to supplement their internal staff. These providers assemble the talent and resources needed to serve their clients. They build a critical mass of security professionals and offer enticing work environments to prospective employees. The result is a company with a community of well-trained and experienced professionals working in environments dedicated to security.

Enterprises of all sizes across all industries are scrambling to fill their gaps in security to avoid becoming another headline. Smaller organizations may be able to find local candidates seeking experience to fill entry-level positions, and these hires may turn out to be superstars. Midsize companies may be able to compete financially for more seasoned professionals, but those candidates have the upper hand in this market and can name their own terms. Larger companies that have diversified and posses the requisite financial resources, however, have an option that’s unavailable to smaller organizations: acquiring a company to poach its cybersecurity talent.

A Long-Term Investment

According to Cybersecurity Ventures, spending on security will eclipse $1 trillion over the next five years and bring new entrants to the market, along with an active mergers and acquisition market. This should be of interest to enterprises struggling to secure their assets and build out their cyberdefense capabilities.

“Human capital has moved ahead of technology when we look at companies,” said Steve Morgan, founder and editor-in-chief at Cybersecurity Ventures. This makes acquiring a cybersecurity provider a viable consideration for larger organizations because it can bring much-needed expertise and facilitate a horizontal expansion that could even become a revenue source.

The talent shortage is expected to worsen over the next five years, and cybercriminals will find new ways to infiltrate enterprise systems. Long-term investment in talent and specialized resources by way of acquisition may be the best way for organizations to combat these trends.

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today