In years past, it was not uncommon for an organization to push cybersecurity precautions aside in an effort to focus on more pressing, revenue-generating IT priorities. While this may have worked in the past, cybersecurity is now one of the top concerns for most organizations.
That’s because cybersecurity threats, heightened by the increased volume of people working from home on unsecured networks over the last year, have increased – a lot. In fact, a recent PBS article cited that ransomware attacks, a trending form of cyber attack where a malicious software encrypts an organization’s files until a ransom is paid for a key, have increased by 62 percent worldwide, and by 158 percent in North America alone. A reactionary cybersecurity strategy simply will not suffice in 2021.
ANSWERING THE CALL FOR AN INCREASE IN CYBERSECURITY
The demand for cybersecurity professionals has increased in conjunction with attacks over the last year. The same PBS article reported that between 2020 and 2021, there was a 30 percent increase in cybersecurity job counts on LinkedIn. However, year after year, there has been only a 2 percent increase in the number of members who hold a cybersecurity-related job title. Data from the Bureau of Labor Statistics projects that between 2019 and 2029, employment for information security analysts will grow 31 percent, a rate the BLS considers “much faster than average.”
The fifth annual global study of cybersecurity professionals, performed by Information Systems Security Association in conjunction with Enterprise Strategy Group said that, “The top ramifications of the skills shortage include an increasing workload for the cybersecurity team (62%), unfilled open job requisitions (38%), and high burnout among staff (38%). Further, 95% of respondents state the cybersecurity skills shortage and its associated impacts have not improved over the past few years.”
All of these statistics combine to paint a daunting picture: cybersecurity threats continue to rise while the skills shortage for qualified cybersecurity professionals grows quickly.
Hiring qualified cybersecurity professionals is critical to a sound, holistic business strategy in 2021 and beyond. Investing in a capable and dynamic cybersecurity department will have lasting positive impacts on company success and threat prevention. Simply put, we have reached a moment in time where cybersecurity is no longer an IT elective; it is imperative.
Cyber recruiting is not easy.
In addition to the difficulty of hiring qualified candidates, there is a general lack of training provided to the cyber professionals that do get hired.
In the technology industry, specifically cybersecurity, it takes in-depth and comprehensive training to maintain such a critical skill set. A shocking 39 percent of those surveyed by ISSA said that the biggest action that would help with the skills shortage was an “increase in cybersecurity training so candidates can be properly trained for their roles.” To take it a step further, nearly 100 percent of respondents vehemently argue that their organizations are vulnerable to threats when their cyber staff are not kept up-to-date with their skills.
Another obstacle to overcome is the misalignment between cybersecurity teams and human resources.
One-third of cybersecurity professionals surveyed by ISSA state that their human resources departments “likely exclude strong job candidates because they don’t understand the skills necessary to work in cybersecurity.” This happens largely when job descriptions are created and applicants are screened. Investing in the organization’s cybersecurity department will help close the gap between who HR thinks is a qualified candidate, and who actually is qualified.
Candy Alexander, Board President of ISSA International said, “There is a lack of understanding between the cyber professional side and the business side of organizations that is exacerbating the cyber skills gap problem. Both sides need to re-evaluate the cybersecurity efforts to align with the organization’s business goals to provide the value that a strong cybersecurity program brings towards achieving the goals of keeping the business running. Cybersecurity leaders should be able to link the security efforts directly to strategic business goals.”
Properly aligning and investing in the business’s cybersecurity department will bring greater long-term success for any organization that continues to operate with both business and cybersecurity goals in mind. In doing so, company growth and trust will be imminent.
Not sure where to start? Zeektek’s specialized recruiting team partnered with our Cybersecurity Advisory Board will help your team find your next great cyber professional. Email us at firstname.lastname@example.org to get started.