With the advent of digital technlogies the cyber risk has grown manifolds, pushing up the demand for cybersecurity professionals worldwide. Howveer, the shortage of cybersecurity workforce continues to grow and the skills gap is widening further, thus putting organizations constantly at risk.
According to Cybersecurity Workforce Study by ISC, the shortage of cybersecurity professionals is close to three million globally. Around 63% of the survey respondents revealed that their organizations have a shortage of IT staff dedicated to cybersecurity.
Region wide Asia Pacific is experiencing the highest shortage at around 2.15 million owing to its growing economies and new cybersecurity and data privacy legislation being enacted throughout the region.
“Our existing education systems have failed in many ways to create sustainable workforce of quality professionals. The gap is huge as there is lack of specialized skill resources and there are not many institutions that are researching and investing enough to develop advanced education programs on Information Security which includes Cyber Security,” reasons Kalpesh Doshi, CISO of FIS.
Impact of Shortage
The study indicates that this imbalance between supply and demand of skilled professionals continues to leave companies vulnerable. Around 60% respondents believe that their companies are at moderate or extreme risk of cybersecurity attacks due to this shortage.
Lack of skilled and experienced cybersecurity professionals is now the #1 job concern, outranking historically topmost responses, including lack of adequate budget, lack of time and lack of work-life balance.
Finding An Answer
According to Pritam Dutta, a senior information security analyst, “An effective cyber security implementation cannot be achieved through a one time skilling exercise and needs continuous re-skilling. This gap in my view should be addressed by both hiring new skilled workforce and re-skilling the existing IT and cybersecurity work force.”
Doshi, on the other hand, is a strong believer that Infosec professionals as part of formal education should undergo stringent 10 – 12 months of internship program with organizations to learn the necessary survival skills.
Needless to say, right skilling and re-skilling of the information security workforce within their orgabizations will form an integral part of designing a robust cybersecurity strategy for CISOs going forward.