The Cyber Skills Shortage Is Not Getting Any Better

Uploaded on 2022-02-08 in JOBS-Training, FREE TO VIEW

As digital transformation drives the importance of cyber security to a company’s value proposition, cyber security managers continue to face big challenges in finding people with the right skills. 

According to a recent survey conducted by cyber security recruitment firm Stott amd May, in conjunction with Forgepoint Capital, internal skills continue to represent the single most significant barrier to strategy execution for 43% of cyber security leaders. Other key hurdles included budget (35%), technology (13%), and board-level buy-in (9%).

The research, entitled ‘Cyber Security in Focus’, provides insight into the thoughts and core priorities of a snapshot cohort of 55 security leaders and examined critical themes including the skills shortage, inhibitors to strategy execution as well as the business perception of cyber security functions. Respondents come  from Stott and May’s professional network across Europe, the Middle East and Africa (EMEA) and North America. The roles surveyed included Cyber Security Directors, Security Operations Directors, and VPs of Product Security, with 36% of the sample originating directly from the CISO community. 

Highlights from the survey include:

  • Security leaders continue to experience challenges sourcing experienced talent, with 73% highlighting it as an area of concern. Time-to-hire also remains a potent issue. 35% pointed to positions being left unfilled after a 12-week period.
  • Further evolution surrounding the working pattern of security professionals looks likely, with 73% of security leaders favoring a hybrid approach and an additional 22% going fully remote.
  • The significance of cyber security is becoming even more broadly recognized internally, as 80% of security leaders believe their business perceives the function as a ‘strategic priority’ – up from 54% last year.
  • 100% of the sample of cyber security leaders now either agree (38%) or strongly agree (62%) that their business feels the function plays a role in improving the overall value proposition to customers.
  • Concern is growing among 51% of respondents that cyber security investment is not keeping pace with the drive towards digital business.
  • 54% of hiring managers believe that salaries have increased more than 11% year on year, further highlighting the demand for talent.

The challenges posed by digital transformation and the sheer pace of agile software development are also culminating in the emergence of a new type of CISO: the engineering-centric CISO.

“A lot of digital transformation is inherently going to be driven by engineering and finding a CISO that can empower developers with knowledge, tooling, and experience will enable outcomes to be achieved faster and more securely.” according to William Lin of Forgepoint Capital,

Shifting security into the product development lifecycle is a central issue for CISOs. James Dolph, CISO at Guidewire Software commented  “... security is not and cannot be viewed as an add-on, it is not optional and should be part of the company’s value proposition.”

Stott And May:

You Might Also Read: 

The Cyber Skills Shortage & Training Gap - What Is The Solution?:
 

« Beware PowerPoint Files With Hidden Malware
Google & Facebook Will Have To Pay British Newspapers »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Mexis

Mexis

SCADAfence

SCADAfence

SCADAfence offers cutting edge cybersecurity solutions designed to ensure the operational continuity of industrial (ICS/SCADA) networks.

Checksum Consultancy

Checksum Consultancy

Checksum Consultancy specializes in Information security, Risk management, and IT governance.

KeyXentic

KeyXentic

KeyXentic Inc. is a professional mobile and data security service provider. We are devoted to design convenient and strong security for user’s data protection and privacy without any compromise.

Cyberstarts

Cyberstarts

Cyberstarts’ vision is to become the leading platform for amazing teams of entrepreneurs to solve the next big problems of the cybersecurity world.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity. The leading Risk Assessment Platform for Critical Infrastructure.

World Informatix Cyber Security (WICS)

World Informatix Cyber Security (WICS)

World Informatix Cyber Security provides a range of cyber security services to protect valuable information assets to global business and governments.

TrustGrid

TrustGrid

Trustgrid is a pioneer and leader in secure, cloud-native software-defined connectivity.

ABCsolutions

ABCsolutions

ABCsolutions is dedicated to assisting businesses and professionals achieve compliance with federal anti-money laundering regulations in an intelligent and pragmatic way.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

DigitalWell

DigitalWell

DigitalWell provide fully managed IT and communications solutions for a truly innovative end-to-end experience - for your customers and teams.

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

Innov8tif

Innov8tif

Innov8tif is an AI company specialised in providing ID assurance solutions — helping digital businesses to prevent frauds by verifying and authenticating customers identity.

Haiku

Haiku

Haiku stands at the forefront of cybersecurity upskilling, leveraging video games to immerse you in a flow state for accelerated, enduring learning.