The Cybersecurity Skills Gap Is Putting Businesses at Risk


The gap between the supply of trained cybersecurity professionals and the demand for their skills is steadily widening. The ISACA reports that by 2019 the global cybersecurity shortage will reach two million jobs, and a Brocade global study reveals that 54% of businesses expect to struggle in the next year due to a lack of cybersecurity skills.

Additionally, the rise of cyber-attacks over the last several years shows no sign of letting up. Not only are more and more attacks being created, but their sophistication continues to grow. Juniper Research reports that the average cost of a data breach could exceed $150 million by 2020 as more business infrastructure becomes connected, while globally the annual cost of cybercrime will rise above $21 trillion in 2019.

Numbers aren’t everything, but it’s clear that many businesses will struggle to secure the talented individuals they need to protect their organisation – and further casualties are highly likely. At a time when cybersecurity skills are stretched, this could prove disastrous for many businesses.

What does the cybersecurity skills gap mean for businesses?

A Skills Gap Significantly Increases Cybersecurity Risk

The lack of skilled cybersecurity experts is going to increase a business’ risk in several ways.

To begin, fewer employees mean fewer eyes monitoring and fewer man-hours spent working. This increases the risk of a vulnerability lying unfixed until it is too late and, consequently, increases the overall likelihood of a breach occurring.

Second, fewer workers mean businesses will be less prepared to respond in the event that a breach does occur. For many businesses, especially small to medium-sized enterprises, this can be devastating as long periods of downtime could spell potential bankruptcy for companies already in a weakened state following a breach.

Ultimately, no matter the size or status of a business the skills gap overall effect is a significant increase in risk. It is highly likely that over the next few years, as threat actors become more sophisticated in their attack methods that we will see the effects of the skill gap amplified resulting in breaches that are even more damaging than those in recent memory.

As Demand Increases, So Will Wages

In addition to having to cope with a skills gap and the resulting risk this creates, businesses will also struggle to hold on to their top professionals.

The high demand for cybersecurity talent, relative to supply, will cause wages and competition amongst employers to increase. Organisations that do not provide competitive offers will struggle to attract and retain skilled workers. When this happens organisations tend to fill the gaps by hiring less qualified professionals that they train to bring up to speed. The problem with this is as the individual’s skill set increases so do their demand in a competitive marketplace which means that the employer will still be forced to pay a higher wage or risk losing the time they have invested in that employee to a better offer.

Technology Must Fill the Gap

With the number of trained professionals forecast to fall far below demand, businesses will need to rely on their security tools to fill in the gaps more than ever before. Businesses should be constantly reviewing new tools on the market to see if emerging technologies offer any opportunity to fill in some of these gaps and provide more effective and efficient protection for critical systems.

Ideally, an organisation’s security tools should augment their security team’s efforts and protect them against a broad array of attacks (including executables, document exploits, scripts and false credentials) throughout the entire threat life-cycle: pre-execution through post-execution.

Conclusion

The gap between the supply of trained cybersecurity professionals and the demand for their skills is only going to continue to widen as we move forward. As a result of this, businesses will face increased risk, increased employment costs, and a growing reliance on tools that improve security efforts. Businesses need to be aware of and have a plan for dealing with these challenges, otherwise, we will continue to see more and more high profile breaches over the next several years.

View the original article by SentinelOne.