Enterprise leaders across the world can agree on one thing:
There’s a cyber security skills shortage and it will only get worse in 2019.
Demand is overwhelming supply and it’s leading to a growing number of businesses that are underprepared and understaffed when it comes to protecting their digital infrastructures from cyber-attacks. Research now suggests that companies will continue to struggle, turning the role into a liability for many.
Cyber security skills shortage by the numbers
The (ISC)² pegs the figure at 1.8 million by 2022; Cybersecurity Ventures estimates it will reach 3.5 million before then. The truth is that the shortage of skilled cyber security specialists will probably fall somewhere in the middle.
Regardless of what the final number will be, businesses are already feeling the pressure. Roughly half of all companies surveyed by the Enterprise Service Group recognise they don’t currently have the cyber security talent they need. It’s leading to organisations that are severely underequipped to combat hackers’ evolving techniques.
The issue is only expected to compound as 29 percent of businesses have plans on adding to their IT teams in 2019 and cyber security specialists are most in demand among businesses with more than 100 employees, Spiceworks’ 2019 State of IT report found. Not only will businesses have a tough time finding the right talent, but they’ll be competing with a number of other businesses to hire them.
The market shortage comes at a time where a data breach can have a devastating impact on companies in more ways than one. Data breaches garner headlines for weeks and can damage an enterprise’s reputation among its customer base, which could inevitably lead to a decline in revenue.
Similarly with GDPR in full swing now, legal complications stemming from the breach can cost a business up to 4 percent of its annual global turnover. We’ll soon begin seeing more court cases originating from these instances, as Yahoo recently set a precedent by agreeing to pay $50 million in damages to victims of a 2013 data breach and provide free credit monitoring services.
In some cases, it’s not even the market shortage that’s the issue. With a diluted field to work with, companies are finding it difficult to understand exactly what they’re looking for in regard to an open role. They often have to lower their expectations, but in doing so they could be overlooking a significant certification or line item on a CV that could spell success or failure in a future stint.
How businesses are overcoming the cyber security skills shortage
Companies are using a variety of solutions to maintain strong cyber security postures despite not having the resources they’d like at their disposal. One in particular makes the most sense given how diluted the potential workforce has become: industry-specific resource placement services.
As organisations continue to find it difficult to bring on new team members, they’ll undoubtedly start to inch towards using recruitment agencies. These obviously have their pros and cons – one benefit being that they’re tuned into the hiring market more than most – but the fact that many recruiters aren’t closely invested in the industry could set businesses back when it comes to cyber security.
Industry-specific resource placement services differ from traditional recruitment agencies in a few ways. The most important being that each individual applicant is highly vetted by experienced cyber security professionals before his or her CV is even sent over for recommendation. By leveraging their internal resources – often members of a 24x7x365 Security Operation Centre or cyber security testing team – they can identify the exact skill level of the candidate and ensure they’re an appropriate fit.
In a market where competence is largely a byproduct of the right certifications and specific technical expertise, recruiting agencies can fall short in their pursuit of the right candidate if they don’t properly vet them beforehand. Connect360 solves this by only presenting applicants who would be hired at Integrity360, ensuring that the prospect pool is as strong as possible.
Don’t let the cyber security skills shortage put your company’s data security in jeopardy. Connect360 is an industry-specific resource placement service that uses its connections with candidates and businesses to find the most skilled applicants for the right job. Contact an Integrity360 representative today to learn more.
