IT Decision-Makers Must Respond Proactively to the Cybersecurity Skills Crisis

December 15, 2016 @ 1:30 PM
| |
2 min read

Attempts to build strong corporate defenses could be undermined by a critical lack of IT skills. Executives must take a strategic approach to the expertise gap.

According to a recent report, “Hacking the Skills Shortage,” by Intel and the Center for Strategic and International Studies (CSIS), 82 percent of IT decision-makers are concerned about the cybersecurity skills shortage.

The skills gap presents many challenges to executives looking to stay ahead of the evolving threat landscape. Organizations must take a proactive approach to the security challenges they face.

The Cybersecurity Skills Shortage by the Numbers

Demand for cybersecurity professionals outpaces the supply of qualified workers. According to the report, organizations most commonly covet highly technical skills across. Intrusion detection, secure software development and attack mitigation skills are particularly valued.

More than 209,000 cybersecurity jobs in the U.S. went unfilled through 2015, according to Peninsula Press, which analyzed data from the Bureau of Labor Statistics. The demand for information security professionals is expected to grow by 53 percent through 2018.

The lack of security talent is already having an impact. As many as 71 percent of IT leaders believe the cybersecurity skills shortage is responsible for measurable damage to their organizations, according to Intel and CSIS. Additionally, 1 in 4 respondents claimed their organizations had lost proprietary data due to the cybersecurity skills gap.

Tough Road Ahead in 2017

According to a Ponemon Institute report, technology decision-makers set aside 23 percent of their IT security budgets for cyber resilience. Due to the fast-changing nature of security threats, however, internal technology teams face a tough time staying ahead.

The study also revealed that 71 percent of U.K. organizations rate their cyber resilience as low. The survey, produced in association with Resilient Systems, followed a similar survey of U.S. IT leaders last year, which found that three-quarters of North American firms are similarly ill prepared.

Cybersecurity challenges are likely to increase in 2017 as cybercriminals continue to use creative techniques to open corporate defenses. Chief information security officers (CISOs) should prepare for the increased use of ransomware, extortion and industrial attacks connected to the Internet of Things (IoT), TechRepublic reported.

A New Approach

IT managers tend to get caught up searching for technical skills and fail to consider soft skills when filling positions. Since the biggest threats to security usually stem from people, cybersecurity professionals need strong communication and interpersonal skills.

Businesses looking to deal with the cybersecurity skills challenge should foster new education models, accelerate the availability of training opportunities and diversify their human resources pool, according to Chris Young, senior vice president and general manager of Intel.

The report outlined recommendations for IT decision-makers looking to deal with the cybersecurity skills crisis. First, they should reconsider the minimum credentials required for entry-level IT employment and open their minds to job candidates with nontraditional backgrounds. IT leaders should also provide more on-the-job training and procure intelligent security automation tools that enable analysts to produce better metrics to spot and respond to threats.

Mark Samuels
Tech Journalist

Mark Samuels is an experienced business technology journalist with an outstanding track record in research. He specializes in the role of chief information o...
read more