IT

The shortage of Cyber Security skillsThis is a four-part series of articles covering emerging trends in cyber security, the skills gap and recent developments to address the growing cyber threat.

Part Two:

In part one, we examined some of the emerging threats in cyber security, here we will look at the difficulty of finding skilled people to prevent cyber-attacks.  According to ESG’s latest annual survey of 600+ cybersecurity professionals, over the past five years has seen an increasing shortage in cybersecurity employees, increasing from 23% of respondents to 51%. Other research reports all point to a growing skills shortage and with cyber threats becoming more sophisticated this gap poses a major problem for organisations.

IT graduates and professionals with key skills in network architecture, programming, web development software, IT forensics, cryptography, network and application security amongst others, have traditionally filled Cybersecurity roles. These roles are now competing with other, perhaps more attractive, IT development roles which makes the filling of roles even more challenging for recruiters. In addition, many IT departments are not just competing between themselves for talent but with the specialised cyber security firms, who offer leading edge cyber security roles.

Vacancies for cybersecurity roles are reaching new levels; a 2017 report found in the US approximately 30% of roles were vacant . Research by Indeed revealed Ireland had the second highest cyber security postings (per million of population), higher in relevant comparison to the UK, the US, Germany amongst others. Estimates of global vacancies in cyber security range from 1.5 million to 3.5 million by 2021.

Some of the consequences of this demand for cybersecurity have been the development of executive level IT security role (e.g. Chief Information Security Officers), the outsourcing of security operations to third parties, the requirement for cybersecurity skills across all IT roles, and need for improved collaboration between organisation’s security teams and wider IT departments. These highlight the significant resources issues and decisions for organisations, especially as the risks from cyber security to organisation’s business continuity and financial health increase.

As the cyber threat increases and skills to combat these become scarce, organisations and governments need to develop new and different ways of addressing these problems. The next article will look at some of these.

  • Contributed by Matthew O Sullivan at CJHNetwork.