The Great Security Skill Shortage

by James Ackland

For some time now, our lives have been affected more and more directly by cybercrime. Whether these are rumoured or proven it is becoming more and more prevalent. It has become a daily occurrence to read about corporate security breaches or personal IT fraud stories. In fact, most recently there has been cries for a criminal investigation into vote rigging during the US elections which has led to further controversy (but this topic is for another time).

Cybercrime is one the fastest growing criminal “industries”, actually it has been for several years yet cyber security in some companies still seems to be neglected as an afterthought with the laisse faire “it won’t happen to us” attitude.

It needs to be pointed out that the victims are no longer the larger corporates, there has been a rising trend in the SME market being high on the attackers list. If you hold something that your business values then you can be sure its valuable to others as well which makes you a target!

With the rise of malware production in the forms of ransomware etc. it is getting easier and easier for criminal organisations to work their way into your organisation.

So, how is this going to change? How are we going to get a wide enough outreach of knowledge and skills shared in such a short time as to prevent this happening? By 2019 it is reported that the information security skills shortage could be around two million people.

The issue with this shortage is that firms need people with the skills to implement cyber security protection for them now. Time is of the essence to prevent breaches which has meant that training of juniors and graduates has not been as prevalent as you would hope.  This has been backed up by recent research from the ISACA stating that over 80% of companies think that over half of all applicants for cyber security vacancies are under qualified. To address this we need to provide and accelerate the availability of Security Training.

Companies should be looking at external training suppliers to train up their current employees to bring them up to speed. Alternatively IT staff looking to further their career could put themselves through one of a wide range of courses available as they can be certain there will be no shortage of opportunities once qualified.  The most sought after for 2017 being:

CompTIA Security+

CEH: Certified Ethical Hacker

GSEC: SANS GIAC Security Essentials

CISSP: Certified Information Systems Security Professional

CISM: Certified Information Security Manager

If you wish to discuss training options, security opportunities or are looking for qualified security specialist to join your team do get in touch with Security Specialist Oliver George or view all our IT jobs here.