MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


Take me to MyPage
I'm not curious

IT Career Development Platform

IT Career Development, Progression, Coaching, Jobs | MyTechLogy
You are here: Home / IT Blogs / IT Blog View

Cyber threats keep CEO's awake at night - A growing demand supply gap of CyberSecurity professionals

Published on 05 March 18
0
1
Cyber threats keep CEO's awake at night - A growing demand supply gap of CyberSecurity professionals - Image 1
PwC’s 2018 CEO survey has highlighted a continued hardening of global attitudes to security, with the top four threats to business growth prospects now including terrorism, geopolitical uncertainty, over-regulation and cyber threats. This shift is reflected by the language now used publicly – by government and business leaders alike – as highlighted by the US Department of Homeland Security’s recent announcement of its investigation into an attack on a critical infrastructure facility. There is growing rhetoric that the risk of sponsored cyber-attacks on (inter)national infrastructure could cause economic chaos.

But after endemic under-investment in skills development for over a decade, Jim Kennedy, VP & GM Americas, Certes Technology, explains it is time for a significant change in approach to safeguard business.
Supply versus demand
Organizations now recognize that investment in security is a necessity. Yet with a current estimated 350,000 open CyberSecurity positions in the US, and a predicted global shortfall of 3.5 million cyber security jobs by 2021, the industry clearly has a massive problem regarding supply and demand. And while it is fair to say that the escalation in cyber threats has created an unprecedented need for individuals with skills, talent and experience, it is a combination of chronic under-investment in training and education; market misalignment and a lack of self-marketing that is at the heart of the skills shortage problem.
Organizations now recognize that investment in security is a necessity. Yet with a current estimated 350,000 open cyber security positions in the US, and a predicted global shortfall of 3.5 million cyber security jobs by 2021, the industry clearly has a massive problem regarding supply and demand. And while it is fair to say that the escalation in cyber threats has created an unprecedented need for individuals with skills, talent and experience, it is a combination of chronic under-investment in training and education; market misalignment and a lack of self-marketing that is at the heart of the skills shortage problem.
Rethinking education
There are so many flaws in the current model. The industry is frankly appalling at selling itself; at inspiring the next generation by demonstrating that IT can be an exciting and financially rewarding career. In addition, training has over the past decade become almost exclusively product focused – with vendor ‘academies’ teaching individuals about specific product sets, rather than security framework requirements, a move that has further weakened the depth of expertise offered by any one individual.
This approach is simply not sustainable – for IT providers or organizations desperate to access essential cyber security skills. Right now, the small pool of talent is able to demand ever higher rates, making essential cyber security unaffordable for all but the largest and most successful businesses.

The only way organizations will be able to address the huge demand for cyber security skills will be to take control and invest. And that means shifting away from outsourcing and a reliance upon expensive contractors towards re-insourcing key services, including security: the onus is now on companies to build up their own expertise in-house.
At the same time, the IT industry needs to step up and invest in training – true, agnostic training, not product specific, ersatz sales education. If the next generation of cyber security individuals are going to be able to make the right decisions, they need an excellent grounding in security – from compliance to standards, including GDPR, PCI and ISO 20001. It is only with that in-depth understanding of end to end security issues that individuals will be able to create a robust security infrastructure supported by the right product choices.
Signs of improvement
Fortunately, we’re starting to see recognition at a national level that current approaches are unsustainable. Quietly, the regulatory community has been gearing up public-private partnership efforts to be proactive on cyber threats and has now successfully engaged academia. The Cybersecurity Workforce Alliance (CWA) is a tripartite workforce-engagement model that includes the public sector, private sector and academia which has been working since 2015 to accelerate cybersecurity readiness in entry-level candidates.
It’s ‘industry-first’ approach is designed to align industry’s specific needs and graduates’ expectations with the job roles and responsibilities needed to model a curriculum — at the beginning of a student’s tenure.

Likewise, in the UK, a new National College of Cyber Security sited at the home of the WWII code-code breakers, Bletchley Park, will open in 2019, fostering the development of home grown talent. In parallel, the UK’s National Cyber Security Centre has published new advice for industry based on 14 key principles aligned with existing cyber-security standards to help organizations understand what they need to do to implement essential cyber security measures.
While positive early steps, these approaches do unfortunately only mark the beginning of our journey to close the cyber security skills gap. This vital issue will require sustained focus and deep collaboration between the public sector, private sector organizations including the IT industry itself, and academia.

From vendor agnostic, standards and skills-based training to a commitment to inspiring the next generation to join the industry in the first place, everyone demanding a solution to cyber security skills shortage today needs to step up and become part of the solution – not the problem.
Starting your career in CyberSecurity?
Here are few experts in IT and CyberSecurity, with whom you can schedule an appointment and discuss anything related to your career aspirations and goals.

They shall help you with what certifications are useful for your career progression, showcase your expertise and build your professionals profile in CyberSecurity space.
This blog is listed under IT Security & Architecture Community

Related Posts:

Cyber security

 
Post a Comment

Please notify me the replies via email.

Important:
  • We hope the conversations that take place on MyTechLogy.com will be constructive and thought-provoking.
  • To ensure the quality of the discussion, our moderators may review/edit the comments for clarity and relevance.
  • Comments that are promotional, mean-spirited, or off-topic may be deleted per the moderators' judgment.
You may also be interested in

IT Skills for your Career Progression
Hacking Techniques you should protect your application from
Are you new to MyTechLogy?
Click here to learn more
 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url

Back to Top