March 26, 2018 By David Bisson 2 min read

The cybersecurity skills gap remains a major obstacle for most organizations, a recent survey revealed.

According to “Cybrary Declassified: Unraveling the Cyber Skills Gap and Talent Shortage,” two-thirds of IT, security and other nontechnical employees said it’s difficult for their organization to find qualified cybersecurity professionals.

As a result, 68 percent of respondents said they doubt their employer’s ability to defend against advanced threats. Furthermore, one-third of IT personnel revealed that their organization has already suffered at least one security breach.

Closing the Cybersecurity Skills Gap Through Training

Participants in the survey were candid about their own cybersecurity skills: 4 out of 5 professionals admitted that they don’t feel qualified to protect their organizations.

To help overcome this skills gap, many employees have turned to training programs. The majority of respondents (80 percent) said they enrolled in online programs as opposed to physical classrooms (17 percent) and conferences (3 percent). As for preferred training format, 65 percent sought out practical exercises, while one-quarter used video training programs, which was followed by exams and collaboration at 7 percent and 6 percent, respectively.

Finding the time and budget for training was a personal endeavor for most of the employees surveyed. Eighty-seven percent of respondents told Cybrary that they dedicated at least some of their personal time to training. Slightly less than that (85 percent) committed part of their funds to training.

The cost of training varied widely: 40 percent of respondents revealed that their skills-building programs cost up to $1,000, while about 1 in 10 said their efforts cost more than $5,000.

Integrating Cybersecurity Training Into the Work Culture

Kathy Miley, chief operating officer (COO) of Cybrary, said she isn’t against employees using some of their money to pay for training, but she does feel that organizations have a responsibility to integrate training into the work culture. Doing so can help more clearly define the company’s mission, vision and values for employees, she said.

“Leaders must prioritize creating a dynamic learning environment where experience is not only rewarded, but less-experienced employees receive the support they need to improve their skills,” Miley explained in the report. “The future of modern business is dependent on human intelligence.”

Cybrary advised organizations to collect employee feedback on training types, conduct annual performance reviews of educational programs and provide incentives for employees to participate in such initiatives.

More from

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Adversarial advantage: Using nation-state threat analysis to strengthen U.S. cybersecurity

4 min read - Nation-state adversaries are changing their approach, pivoting from data destruction to prioritizing stealth and espionage. According to the Microsoft 2023 Digital Defense Report, "nation-state attackers are increasing their investments and launching more sophisticated cyberattacks to evade detection and achieve strategic priorities."These actors pose a critical threat to United States infrastructure and protected data, and compromising either resource could put citizens at risk.Thankfully, there's an upside to these malicious efforts: information. By analyzing nation-state tactics, government agencies and private enterprises are…

6 Principles of Operational Technology Cybersecurity released by joint NSA initiative

4 min read - Today’s critical infrastructure organizations rely on operational technology (OT) to help control and manage the systems and processes required to keep critical services to the public running. However, due to the highly integrated nature of OT deployments, cybersecurity has become a primary concern.On October 2, 2024, the NSA (National Security Agency) released a new CSI titled “Principles of Operational Technology Cybersecurity.” This new guide was created in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD SCSC) to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today