Posted October 10, 2018
The cybersecurity industry is in a crisis. The cost of a data breach hit a whopping $3.86 million (a 6.4% increase from 2017), cybersecurity is considered one of the top four threats to business growth, and “mega breaches” (where 1 to 50 million records are lost) are becoming a weekly occurrence. The solution seems easy enough – hire more people.
Except… we have no more bodies to throw at the problem. Currently, there are 350,000 open cybersecurity positions in the United States and a predicted global shortfall of 3.5 million cybersecurity jobs by 2021.
This is a far cry from being able to keep up with the demand, and organizations are starting to feel the pressure to build and/or maintain skilled teams. Putting that into context, 59% of enterprises have unfilled cybersecurity positions, and it has taken over 50% of enterprises 3-6 months to fill them. When it comes to cybersecurity job applicants, only 1 in 4 are well qualified for the position.
Even if you do find a qualified candidate, they’ll come with a hefty price tag and will be difficult to keep as poaching has become a common occurrence in this highly competitive market. Couple that with costly security attacks showing no signs of slowing down, your organization doesn’t even have time to build an in-house team to keep up with the cyber landscape. How can you bridge the skills gap?
Start in the Classroom
With the use of the Internet becoming more prevalent in schools, students should be taught early best practices for being online; however only 23% of educators feel prepared to teach students how to protect their personal information. StaySafeOnline’s C-SAVE, was created to help educators teach young people about cyber safety and cyber ethics, as well as plant seeds for developing more cybersecurity professionals. There are also more advanced resources like CyberPatriot, which is a national youth cyber education program was created to inspire students towards careers in Science, Technology, Engineering, and Math (STEM). To help bridge this cybersecurity skills gap we need to increase cyber awareness of students and promote the value of a career in cybersecurity.
Invest in Cybersecurity Training for All Employees
Organizations realize there is a gap between the supply and demand of cybersecurity professionals, but 62% of organizations aren’t providing proper training for their employees. While security budgets are increasing, few companies spend that money on training current employees. Employees are not just one of your biggest targets, but they are also your first line of defense. Some of the biggest threats to an organization could come from an employee clicking on a malicious link in an email, using weak or reusing passwords, leaving devices unlocked, or bad user credential sharing practices.
Preventing cyber attacks is not just the responsibility of your security team, but with all employees. Educating employees about phishing attacks, password hygiene, social engineering, and other IT security topics can help protect your organization from cyber attacks and data breaches.
Even though cybersecurity is present in organizations’ budgets, there’s still not enough to cover the robust tools, people, and infrastructure needed to efficiently and effectively keep up. On top of that, building in-house capabilities can be costly and take months to get up and running. That’s why many organizations who don’t have the resources to build their own team, as well as those who are simply looking to augment their current team, are adopting a hybrid approach – in-house and outsourcing. This is becoming so prevalent that 87% of IT security professionals expect to move to an “as-a-Service” model in the next year. Outsourcing your security needs to a company with deep roots and expertise in cyber Threat Intelligence: Evidence-based knowledge about an existing hazard designed to help organizations make inform decisions regarding their response to the threat. delivers the skills and scale necessary to protect your organization in a cost-effective and efficient way.
With LookingGlass’ Threat Intelligence-as-a-Service™, leverage our 20+ years of experience 24x7x365, so you can focus on business-critical tasks.
To learn more about how you can bridge the skills gap and secure your organization, contact us.