Just watching the news in recent years — from WannaCry and NotPetya outbreaks, to the recent Colonial Pipeline ransomware attack — cybersecurity is one of the most pressing issues of our time. In the past two decades, amateur hackers have grown into full-fledged cybercriminals, stealing passwords and money from consumers and businesses all over the world.
At organizations both large and small, cybersecurity professionals have been thrown into an unprecedented storm, facing some of the toughest issues. Despite an ongoing shortage of qualified cybersecurity personnel, teams across public and private sectors are working hard to tackle new challenges and protect their organizations.
For large global enterprises and fledgling startups alike, a strong security posture is a business imperative. As the digital transformation of business accelerates, cloud adoption grows, digitally connected workforces disperse out to remote home offices, and the Internet of Things brings more devices and objects online, cybersecurity professionals and technologists are facing tough challenges to protect our assets. Verizon’s “2021 Data Breach Investigations Report” has shown us that threat actors continue to adapt to this ever-evolving attack surface. Meanwhile, the industry faces another problem: Cybersecurity professionals are in high demand but short supply. This skill shortage is impacting how we can respond to and mitigate attacks. One (ISC)² Cybersecurity Workforce Study puts the global cybersecurity talent shortage at more than 4 million people.
According to Gartner, with the uptick of attacks in the last several months, in part due to increased remote working and online shopping, the global pandemic has further escalated this situation. It’s a common phrase we hear in the field — “there just isn’t enough talent.”
With Cybersecurity Awareness Month in progress, this important moment should be a stark reminder to not only implement good cybersecurity hygiene but also to reignite our commitment to narrowing the gap in our talent shortage. It will take the entire industry to accomplish this.
One way to address the ongoing problem is to expand and reevaluate our own requirements when it comes to hiring and implementing apprenticeship programs and training for individuals who haven’t been on a traditional technology career path. Cybersecurity problems are complex and broad, so increasing the mix of our talent pool should be a top priority. While many security issues can be mitigated by artificial intelligence and machine learning, there are other tasks that can only be solved by people. Young up-and-coming cyber defenders, working alongside seasoned veterans, can bring a fresh perspective while getting valuable on-the-job training as they launch their careers.
We must break out of our traditional models of what we think a cybersecurity professional looks like and start rewriting our job descriptions. Prioritizing practical experience over degrees is another way to attract strong candidates. We want more people to be part of the industry; it’s not just about filling desks or head counts. Unabashed curiosity and the ability to solve problems and think outside of the box are skills we need to focus on when reviewing resumes.
Ultimately, cybersecurity is about safeguarding companies’ information assets, which includes keeping their employees’ and customers’ information secure. There are many professionals from all walks of life who want to lend their hand to help build a safer digital world.
What You Can Do to Grow Your Talent Pool (and Help Our Industry):
Copyright © 2021 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.