For years, we’ve pointed out the cybersecurity industry’s talent gap. A gulf has been widening between organizations’ demand for skilled security professionals and the supply of candidates who fit the bill.
This cybersecurity skills shortage appears to be driven by several factors, including:
- There’s a persistent lack of interest from younger professionals entering the workforce.
- A lack of engagement within K-12 educational institutions and investment in cybersecurity education
- The rapid rise of Big Data, which has vastly amplified the need for information security protections across business sectors.
Cybersecurity leaders have responded to the talent shortage by calling for expanded awareness and training programs, as well as placing their hopes in technological advancement (e.g., machine learning). That’s all well and good, but neither action has (so far) led to demonstrable improvements in the industry.
In fact, rather than improving, the shortage in cyber skills is getting worse.
ESG/ISSA Report: Skills Gap Widens for Fourth Consecutive Year
A recent report from analyst/research firm ESG and Information Systems Security Association (ISSA), outlining the results of a national survey of professionals about how the industry has been affected by COVID-19, highlights this fact.
Around 70% of those surveyed indicated that their organizations have seen an impact from the skills shortage. This figure has gotten worse for four consecutive years.
Meanwhile, information systems have been targeted more intensely than ever. And with an increasing reliance on remote work, the stakes have never been higher. Overworked technicians are jumping from one fire to another, leaving them no time to expand their skillsets.
Training is problematic in general:
“Thirty-six percent of respondents reported that they thought that their organizations should provide a bit more cybersecurity training, while 29 percent believe their organizations should provide significantly more training,” the report states. “Further, 28 percent believe they are not providing enough training for non-technical employees. Based on 4 years of research, training seems to be a perpetual shortcoming.
“Alarmingly, there seems to be no plan for improvement.”
The ESG/ISSA report also claims that shortages in security staff are most acute in highly specialized areas, which will be increasingly important as our organizations move services into the cloud and otherwise expand into emerging technologies.
There is hope, of course, for the future of cybersecurity. But it’s high time to set organizations on the right course. From innovative tools and services to improve your protections to educational programs to arm your employees, Lunarline has what you need to bolster your security and develop your cyber personnel.
Make the move now. Contact us today to find out more.