Closing the Cyber Security Skills Gap
Any search of the term ‘Cyber Security Skills Gap’ will return a laundry list of frightening facts about how far behind the industry is in terms of finding and hiring the needed professionals.Those with the desired skills will be able to command high salaries, among other benefits. But for managers seeking the dime a dozen talent, it’s a near impossible task, and often, vacant positions remain vacant, leaving organizations vulnerable to data breaches.On my research quest to find out more on this topic, I came across a wide range of statistics, which I felt important to share, so I organized them into this info graphic at right.Commonly, a bleak outlook from professionals in the field accompanied these statistics, like this one:Marc van Zadelhoff, general manager of IBM Security, stated, “Even if the industry was able to fill the estimated 1.5 million open cyber security jobs by 2020, we’d still have a skills crisis in security. The volume and velocity of data in security is one of our greatest challenges in dealing with cyber crime.”And while I agree, there are many challenges at hand, but I am confident that as humans have always done, we will adapt. I believe that the solution is two-fold.In order to adapt, organizations must make practical training a priority, integrating security best practices into traditional education and continuing that learning with onboarding and skills development from entry-level employees all the way to the most senior members, cyber security professional or not.The sooner security best practices are introduced to students and employees, the better. Not only will early exposure allow for more consideration as a potential career/ career change, but foundational knowledge will allow for growth with the changing technologies.Paul J. Mocarski, Director, of Global Information Security with Valspar says, “For companies that want to rely on already employed IT staff to handle security, it will require additional training. The training would be specific to needs and should include any compliance regulations required by the industry.”He expands, considering “Larger organizations will have the resources to develop and execute programs of this type internally, and smaller organizations should consider developing a curriculum and partnering with appropriate IT and cyber security training providers. Evaluating their own internal resource gaps will allow an organization to tailor their training programs to fill the identified needs.”Which is why adopting a proactive approach, regardless of if you’re an educational institution, or a Fortune 500, is necessary.The second part of the solution is recognizing that not only in training needed, it’s also wanted.According to the eighth Global Information Security Workforce Study, millennials want career development, including: sponsoring mentorship and leadership programs, paying for attendance at industry events, offering training programs, and employer- paid professional certifications and association memberships.The study also found that millennials are more likely to aspire to become security consultants, but that salaries were not the highest priority for them.On a larger scale not limited to millennials, 70% of employees say training and advancement opportunities affect whether they will quit their job. So, in addition to solving the problem of attracting the right employees, training can help retain them, too.Developing a hands-on security training program may seem like an impossible task. That changes now.Join Cybrary Co- Founder Ryan Corey as he provides some insight into the future of security training and demonstrates the capabilities of Cybrary’s New Enterprise Training Management and Skill Assessment platform, Teams.Register for the April 18th event here:Olivia Lynch (@Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.