Tuesday 21 February 2017

A Severe Shortage of Cybersecurity Talent Helps Create the ‘Perfect Storm’ for Security Breaches

Posted by at 9:09 AM

Perfect storms hit when combinations of circumstances create events of unusual and often severe magnitude. Lack of cybersecurity talent is one such circumstance and the consequences are whipping up dark clouds that are leaving businesses of all sizes vulnerable to attacks.

Colliding events causing the storm are:

  1. Serious shortages of cybersecurity trained professionals.
  2. Multiple platforms like Google, Apple, Cloud, satellite uplinks and fiber link SCADA systems opening organizations to external security threats outside company firewalls.
  3. Internet anonymity making cyber protection even more complicated.
  4. Weak security points frequently caused by the combining of old and new technologies.
  5. Limited time and money for security.

Studies show a continued rise in the shortage of cybersecurity specialists.

  1. More than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74 percent over the past five years, according to a Peninsula Press analysis of numbers from the Bureau of Labor Statistics. The demand for positions like information security professionals is expected to grow by 53 percent through 2018.
  2. By 2019, the worldwide need for cybersecurity professionals is expected to reach 6 million jobs but companies will likely find only 4.5 million people with the needed expertise to do the work.

Industry trends and academia are not in synch.

One study shows, only a handful of the 50 top university computer science programs in the United States require that students take even one cybersecurity course. Causing even more complications, cyber threats are evolving so fast that by the time students’ graduate, the few courses they took are already outdated.

The same study notes in their analysis: “The American education system is failing computer science students by de-prioritizing cybersecurity training. Universities are inadvertently contributing to the lack of cybersecurity readiness in the U.S. by failing to teach students how to implement security thinking and awareness into all new code design, development, and testing. Given the increasingly complex nature of today’s threat landscape, security can no longer be added on after new products and innovations are delivered to market. Cybersecurity training must be a graduation requirement for all computer science programs.”

Catching up to the need will take time—something most businesses can’t afford given the threats they face. Also, building the needed skillset of a cyber specialist takes more than cracking books. Like those in the medical field, whose experience as an intern, resident, and attending physician helps build the proper instincts to diagnose and treat disease—cyber-security specialists require the same hands-on training to ‘catch’ those attempting to do harm. 

Surveys of business leaders across the country highlight the lack of expertise to prevent, detect, and respond to security threats. For example, results from a 2016 Ponemon Institute independent research survey shows 79% of respondents say security processes for internet and social media monitoring are non-existent, partially deployed, or inconsistently deployed.

Partnering is filling the gap.

Placing expert eyes-on detection through network monitoring is a solution most effectively done through outsourcing. Partnering with cyber-security experts puts the right people in the center of the technology and the process, allowing companies to be resilient and adaptive to the ever-changing threats.

Have you come to the fork in the road?

One fork leads to the ‘perfect storm’ of circumstances plaguing companies across the board with threats that are exploding in both frequency and complexity. The other fork leads to a team of partners with the expertise, technology, and external cyber protection services to ‘minimize storm risks’ and keep the sun shining on your business.