Cyber Skills Gap Grows Along With Threats

A corporate job opening typically draws as many as 250 applicants with varying qualifications.

In stark contrast, a new survey of the growing cyber security skills gap reveals that just over half of US companies looking to fill corporate IT security positions receive five applications. Of those, fewer than one in four candidates possess the qualifications companies are seeking.

"As enterprises invest more resources to protect data, the challenge they face is finding top-flight security practitioners who have the skills needed to do the job," information security executive Christos Dimitriadis told the RSA security conference this week. "When positions go unfilled, organizations have a higher exposure to potential cyber-attacks."

Fifty-five percent of respondents to a cyber security skills survey said they place greatest emphasis on hands-on experience. Nevertheless, 25 percent said candidates lack technical skills. Hence, most recruiters emphasise performance-based certification and training over candidates with college degrees in cyber security.

More than two-thirds of respondents "view certifications as equally, if not more, important as formal education," according to the workforce study released this week by the cyber training and certification group ISACA.

Sensing an opportunity, companies such as IBM have moved to address the cyber security skills gap with automation tools based on its Watson cognitive computing platform. In one scenario, security teams dealing with hundreds of thousands of security events each day could hand off lesser threats to automated systems to reduce the amount of time wasted on false positives.

A new IBM research projects code-named Havyn based on a voice-powered security assistant leverages Watson conversation technology to respond to verbal commands and natural language from security analysts, the company said.

Indeed, cyber security organisations such as ISACA endorse the use of emerging cognitive tools as a way to close the cyber skills gap and address the more mundane but critical aspects of cyber-security. "Where security operational tasks can be automated, it can decrease the overall burden on staff and thereby help make best use of staff that an organisation already has," the study recommended.

It also recommended that companies take steps to retain and invest in its cyber defenders as demand for those talents increases in parallel with threats to corporate networks.

The urgency to retain cyber specialist was underscored by another finding:

Roughly one in four companies surveyed reported that the time to fill priority cyber-security and information security positions can be at least six months.

In Europe, almost one-third of cyber security job openings remain unfilled, the study found.

Another factor at work in the cyber realm is a phenomenon known as "security fatigue," defined as "weariness or reluctance to deal with computer security."
Hence, unremitting cyber-attacks and the mundane nature of the cyber security are contributing to the cyber skills gap, the study warns.

EnterpriseTech:

You Might Also Read

How AI Will Solve The Skills Shortage:

Staff Training 'Not enough to stop most data breaches':

Difficult: Attracting Women To Cybersecurity:

 

 

« Snowden Helping To Protect Journalists
Cyber-Workforce Shortage to Increase »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Mielabelo

Mielabelo

Belgian consulting firm providing services in the security and compliance of information systems and IT service management.

Scale Computing

Scale Computing

Scale Computing is an industry leading application platform for EDGE computing environments covering retail, manufacturing, financial services and government.

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

CyberSift

CyberSift

CyberSift is a cyber security provider. We develop threat detection software which needs no infrastructure changes as it integrates with almost any security tool.

CYBERSEC Forum

CYBERSEC Forum

CYBERSEC Forum is an annual European Public Policy Conference dedicated to strategic aspects of cybersecurity.

Clym

Clym

Clym is the data privacy platform that helps organisations meet their data protection obligations. Cookies, Consent, Requests, Policies and more are all managed in a secure and adaptive application.

Romanian Accreditation Association (RENAR)

Romanian Accreditation Association (RENAR)

RENAR is the national accreditation body for Romania. The directory of members provides details of organisations offering certification services for ISO 27001.

SecuLetter

SecuLetter

SecuLetter is able to detect unknown attacks with hybrid approaches, static and dynamic analysis.

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

Abion

Abion

At Abion (formerly BRANDIT), we empower your business by providing comprehensive brand protection and web security services.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

Oak9

Oak9

The oak9 platform analyzes infrastructure as code (IaC) and builds security into cloud native applications so they are secure and compliant by design.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

CV-Library

CV-Library

Start your job search with 216,931 live UK vacancies on award-winning CV-Library. Register your CV and find local jobs near you today!

iNovex

iNovex

iNovex is a community of innovators that work together to solve hard problems. We partner with you to meet problems head-on and push boundaries with technology solutions.