Addressing the cybersecurity skills gap

Although the size of the global cybersecurity workforce is the highest we’ve ever recorded, the world currently needs 3.4 million additional cybersecurity experts to support the rapid growth of the digital economy.

Theis Eichel, Vice President at 7N
#

What can you expect to learn from this article?

  • 1

    Understand the extent of the cybersecurity skills gap and its consequences for organizations

  • 2

    Explore the emerging cyber threats and their impact on critical sectors

  • 3

    Discover potential solutions to bridge the skills gap

The current state of the cybersecurity shortage

According to the (ISC)² Cybersecurity Workforce Study, the rapidly growing workforce added more than 464,000 workers in 2022. In the same year, the workforce gap has grown more than twice as much,  creating a severe shortage in several industries.

  • 1

    11.1% - Increase in the cybersecurity workforce in the past year

  • 2

    26.2% - Increase in the cybersecurity workforce gap from 2021

The gap jeopardizes the most foundational functions of the profession like risk assessment, oversight and critical systems patching, and employees are feeling it. The study reports that 70% of cybersecurity workforce believe that their organization does not have enough cybersecurity staff to be effective, which is higher than ever. When asked what they believed the reason was, the most common response was My organization can’t find enough qualified talent.

The (ISC)² Cybersecurity Workforce Study reports that 48% of the cybersecurity workforce feel that they would only have sufficient time for proper risk assessment and management, if their organization had more cybersecurity staff.

The shortage of cybersecurity professionals has dire implications across industries, as it jeopardizes the security and resilience of critical sectors. Healthcare, finance, government, and essential infrastructure, which handle sensitive data, financial transactions, and vital services, are particularly vulnerable. The scarcity of skilled personnel in these areas magnifies their vulnerabilities, making them attractive targets for cyber threats.

Emerging threats

In the Global Cybersecurity Outlook 2023, the World Economic Forum reveal that 93% of cyber leaders believe global geopolitical instability is moderately or very likely to lead to a catastrophic cyber event in the next two years – and only 6% do not think that this will affect their cybersecurity strategy to any degree.

Three major cybersecurity concerns

Cybercrime Convergence and Increased Campaigns

Criminal groups and nation-state actors are converging, resulting in a surge of targeted cybercrime campaigns that pose a greater risk to organizations.

Volatile Threat Landscape and Tactical Defense

Cybersecurity professionals face the challenge of volatile threats, spending more time on tactical defense rather than strategic development and risk management.

Emerging Risks and Increasing Impacts

Cybersecurity leaders observe an escalation in the variety and systemic nature of attacks, necessitating proactive measures to mitigate the potential impacts on operations and protect against emerging threats.

Cyber resilience in the C-suite

Survey results from the Global Cybersecurity Outlook 2023 show that 95% of business executives and 93% of cyber executives (up from 75% in the 2022 edition) now acknowledge the integration of cyber resilience into their organization's enterprise risk-management strategies. Moreover, a majority of both business and cyber leaders agree that integrating cyber-resilience governance into their business strategy is one of the most influential principles for enhancing cyber resilience.

The growing demand for cybersecurity professionals is driven by the increasing realization of the detrimental effects a cyber-attack can have on an organization. The threat landscape is ever-evolving and entails both operations, reputations and companies as a whole, and now, the issue is no longer awareness. It is cyber talent attraction and retention.

Cyber talent management
The Outlook further states that 64% of cyber leaders ranked talent recruitment and retention as a key challenge for managing cyber resilience. Additionally, their study shows that less than half of respondents reported having the people and skills needed today to respond to cyberattacks. The level of shared understanding on this topic makes it more likely that steps can be taken to solve the challenge of attracting and retaining cyber talent. But with this, it will be difficult for many companies to close the talent gap on their own and solutions are likely to require partnerships and/or outsourcing. By embracing proactive measures and leveraging external expertise, organizations can strengthen their defense against emerging cyber threats and maintain a robust cybersecurity posture.

Next steps

In response to this challenge, organizations have two immediate opportunities to bridge the skills gap and enhance their cybersecurity capabilities.

The first opportunity lies in upskilling their existing workforce. By investing in comprehensive training programs and certifications, businesses can empower their employees with the knowledge and skills needed to effectively identify and mitigate cyber risks.

Alternatively, organizations can explore the option of outsourcing cybersecurity functions to specialized IT consultancies. Partnering with external experts allows businesses to leverage the knowledge and experience of dedicated cybersecurity professionals who stay abreast of the rapidly evolving threat landscape. Outsourcing provides access to a pool of skilled resources, cutting-edge technologies, and industry best practices without the burden of recruiting and retaining an in-house cybersecurity team.

Each approach offers unique advantages and should be tailored to the specific needs and resources of the organization.

How to think cybersecurity in finance
With the increasing prevalence of cyber threats and the potential risks associated with financial transactions and sensitive data, organizations in the finance industry must adopt a proactive approach towards cybersecurity. This whitepaper provides valuable insights and strategies on how to effectively navigate the complex landscape of cybersecurity in finance.
Want to learn how we can help you?
Interested in learning more about 7N and how we can help you? Schedule a meeting to hear about your opportunities with us!