Posted on Jun 27, 2017
The rise in cybersecurity breaches tells us cybersecurity prevention efforts will remain important for the foreseeable future. Companies of all sizes and types are looking to spend on prevention efforts, specifically on hiring qualified cybersecurity specialists.
So if the budgets are being allocated, the demand for cybersecurity talent is present, and the opportunities are available, what is the problem?
The Shortage of Cybersecurity Talent
The answer is simple: The industry is lacking qualified security professionals.
Kapersky Lab’s 2016 Report on Corporate IT Security Risks found that nearly half the 4,000 businesses surveyed said finding good talent for open cybersecurity positions was a difficult task. The challenge is finding a cybersecurity professional that can combine technical skills and security prowess, along with an understanding of business risks.
With two available jobs for every qualified candidate and 1 million positions open, it’s obvious that the supply-and-demand problem is only getting worse. Job postings [in the area of cybersecurity] increased 74 percent from 2010 to 2015 according to an analysis of numbers from the Bureau of Labor Statistics, and this number is expected to continue to rise. Cybersecurity companies and associations estimate the number of unfilled positions to rise over 1.5 million in the next few years. All this to say, there has never been a better time to be a cybersecurity professional. Those who have the experience have more job security, can request better benefits, and often get better salaries. Those without a resume full of cybersecurity experience may very well be the answer to the gap in cybersecurity talent.
Education and Investment as the Solution
By creating close partnerships between educational institutions, private sectors, and the government to enrich and create training programs and apprenticeships, the talent pool of cybersecurity candidates can expand.
For example, a couple weeks ago, at the SecurityScorecard offices, New York City Mayor Bill de Blasio recently released New York Works- a series of 25 initiatives to spur 100,000 jobs over the coming decade. According to de Blasio, this initiative is focused on creating, “stable, fulfilling careers in industries that will be around in 30 years: jobs in cybersecurity, tech, and life sciences.” Out of those 100,000 jobs, the administration invested 30,000 of them in technology with a focus on cybersecurity. With this initiative the de Blasio administration hopes to establish New York City as the next global hub for cybersecurity through a $30 million investment in training New Yorkers, academic R&D labs, and the first business ‘accelerator’ dedicated solely to early-stage cybersecurity firms in New York City. These programs will directly create 3,500 good-paying jobs and catalyze another 6,500 in the cybersecurity industry.
These kind of initiatives go far deeper than state- or federal- level mandate though. As companies strive to build the right environments to encourage and promote the growth of cybersecurity talent, we’re beginning to see new ideas for how to attract, develop, and retain qualified cybersecurity talent. The drive for tech companies in New York should be to build robust training programs. Of course the time, resource, and monetary investments required for these initiatives may lead some companies to question what the other benefits may be.
In the words of our co-founder Sam Kassoumeh, “[Training programs] will incentivize large companies to invest in New York, not just to open up satellite offices but to put down roots, just like we did.” This cycle creates and builds opportunities for employees, companies, and investors alike.
Vendor management is the process an organization utilizes to assess and manage a third- or fourth-party vendor. Learn how SecurityScorecard can help.
Performing cybersecurity risk assessments is a key part of any organization’s information security management program. Read our guide.
Templates and vendor evaluations are needed to level that playing field, in a time efficient and fair way, so that the best vendors are chosen.
Co-founder and CEO, Alex Yampolskiy, speaks about the importance of measuring and acting on key indicators of cybersecurity risk.
You can’t manage what you can’t measure. Check out our list of the top 20 cybersecurity KPIs to track in 2021.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.