#Infosec19: Skills Shortages Are Exposing Firms to Cyber Risk
Over half (52%) of IT and security professionals believe that cybersecurity skills shortages are putting their business at an increased risk of attack, according to a new poll from Infosecurity Europe.
Now in its 24th year, Europe's leading cybersecurity show asked over 9700 of its Twitter followers a series of questions on skills challenges, as well as its community of CISOs.
The biggest barrier to recruiting was seen as a lack of available talent, according to nearly a third (30%) of respondents. This was followed by lack of recruitment budget (27%) and lack of interest in careers within the sector (26%).
As a result, nearly half (46%) said they have found it difficult to encourage new talent into the sector.
This chimes with current estimates from (ISC)2 that claim the industry is experiencing a shortfall of 2.9 million professionals, including 142,000 in EMEA. A separate report claims the number could rise to 3.5 million by 2021.
“There are shortages of technical skills, particularly in SOC analysis, threat intelligence, research, incident response and forensic investigation,” said Paul McKay, senior analyst at Forrester Research, and a speaker at Infosecurity Europe 2019.
“This is a result of difficulty in filling entry level roles, and keeping people interested once they’re there. At the top end, boards want CISOs to improve how they articulate business risk and manage the dynamics of how security can enhance the business strategy and vision. This requires commercial acumen and the so-called ‘soft skills’ — actually the hardest to master.”
Lisa Hamilton, Deloitte’s cybersecurity associate director, claimed that encouraging greater diversity would help to tackle these challenges.
“To do this, we need to be open-minded when sourcing talent, focusing less on prerequisites and more on behaviors, characteristics and enthusiasm,” she argued.
Source: Information Security Magazine