Closing the Cybersecurity Skills Gap Through Mergers and Acquisitions

June 13, 2017
| |
2 min read

Another Way to Bridge the Cybersecurity Skills Gap

Terms such as cybersecurity, hacking and data breach have become part of everyday conversation for people who have little understanding of how those activities are accomplished. The devastating effects of cyber incidents have invaded public and private life, and protecting digital assets has become a critical priority for enterprises and governments. Still, according to CSO Online, 1 million cybersecurity jobs are currently unfilled, and the deficit will likely increase through 2021.

The talent pool for every position in the security sector, from chief information security officer (CISO) all the way to cyber analyst, is suffering from underpopulation. At what point would it make sense for one company to acquire another solely to conscript its existing talent?

The Best Talent Money Can Buy

Security professionals need resources and assistance to discover threats and take preventive actions. That often leads companies to enlist cybersecurity firms to supplement their internal staff. These providers assemble the talent and resources needed to serve their clients. They build a critical mass of security professionals and offer enticing work environments to prospective employees. The result is a company with a community of well-trained and experienced professionals working in environments dedicated to security.

Enterprises of all sizes across all industries are scrambling to fill their gaps in security to avoid becoming another headline. Smaller organizations may be able to find local candidates seeking experience to fill entry-level positions, and these hires may turn out to be superstars. Midsize companies may be able to compete financially for more seasoned professionals, but those candidates have the upper hand in this market and can name their own terms. Larger companies that have diversified and posses the requisite financial resources, however, have an option that’s unavailable to smaller organizations: acquiring a company to poach its cybersecurity talent.

A Long-Term Investment

According to Cybersecurity Ventures, spending on security will eclipse $1 trillion over the next five years and bring new entrants to the market, along with an active mergers and acquisition market. This should be of interest to enterprises struggling to secure their assets and build out their cyberdefense capabilities.

“Human capital has moved ahead of technology when we look at companies,” said Steve Morgan, founder and editor-in-chief at Cybersecurity Ventures. This makes acquiring a cybersecurity provider a viable consideration for larger organizations because it can bring much-needed expertise and facilitate a horizontal expansion that could even become a revenue source.

The talent shortage is expected to worsen over the next five years, and cybercriminals will find new ways to infiltrate enterprise systems. Long-term investment in talent and specialized resources by way of acquisition may be the best way for organizations to combat these trends.

Scott Koegler
Freelance Writer and Former CIO

Scott Koegler practiced IT as a CIO for 15 years. He also has more than 20 years experience as a technology journalist covering topics ranging from software ...
read more