The Critical Skills Gap in Cybersecurity

The inability to identify, measure and respond to cyber vulnerabilities in critical IT infrastructures has resulted in a skills gap in cybersecurity. IT professionals, lacking the requisite skills, are ill-prepared to deal with the evolving threats from cybercriminals and their sophisticated technology. In fact, according to a recent report by Forrester Research, a full quarter of the companies that were surveyed experienced one or more cyber attacks in a year - a frightening proposition for businesses of all sizes.

A skills gap in cyber defence needs to be addressed to ensure the protection of the business and its assets. Currently, there is not enough of a counter cyber attack to make up for what has been lost or stolen. The best way to close the gap is to train employees to be experts in cyber defence. It is also necessary to have an institution of research to bring together the different minds that will be dedicated to the cause. This way, each piece of the puzzle - the skills gap - is addressed in turn, leading to a stronger foundation for cyber defence.

With more businesses/organisations making the inevitable journey to digital transformation, the need for qualified professionals is increasing. This sector is expected to experience unprecedented growth over the next few years, creating a significant shortage of cybersecurity professionals. According to IT recruiting firm Dice, there is currently no position available to accommodate the approximately five hundred positions required by IT recruiters to meet the demand for professionals right now. Dice's senior manager, Kevin Costner, attributes the problem to an ageing workforce that is leaving IT personnel to fight just to keep up with the pace.

According to Dice, there is a skills gap in IT recruitment that must be addressed if employers are to find the right candidates for their companies. IT recruiters say that candidates who possess the following IT skills are more likely to get jobs: the ability to communicate on the phone; the ability to work independently; an understanding of how a cloud infrastructure works; and an understanding of how to troubleshoot problems in a cloud environment. According to Dice, IT job market analysts believe that this group of employees will grow significantly as companies look to reduce costs, improve productivity, and adopt an IT maintenance approach that incorporates the use of cloud computing solutions. The need for qualified professionals is expected to increase as employers incorporate these new practices into their operations.

Organizations also face a skills gap in IT recruitment that directly relates to their failure to address cyber risk management. Organizations have a difficult time hiring qualified professionals because they do not always know what an organization needs to do in order to protect its most valuable assets. According to Dice, companies need to take a hybrid approach that combines internal controls with external controls in order to properly protect its most valuable information. Companies also need to hire IT professionals who are trained in both network security skills and system security skills because one does not exist in the other.

A critical skills gap exists between those who can monitor networks and deal with malicious attacks and those who can deal with basic issues and malware vulnerabilities. Many experts believe that companies should develop an integrated disaster management plan that addresses both the prevention and response to threats. The adoption of the integrated approach will help to ensure that security professionals are better equipped to deal with threats, which will lead to increased productivity. With the right professionals in place, organizations stand a good chance of preventing threats before they even happen.