Challenges with Building and Maintaining Your Cybersecurity Staff
Cybersecurity Skills Gap
With consistent news around breaches, attacks and incidents, it should not come as a surprise that cybersecurity skills are heavily in demand. Yet even with the persistent need for these cybersecurity skills, there is a perpetual deficit of qualified candidates. CMI’s CTO, John Wondolowski, wrote about IBM’s Interconnect Conference and addressed the cybersecurity skills gap around IBM’s acquisition of Resilient. Additionally, this year at the RSA Conference, ISACA discussed the cybersecurity skills gap as the first topic for their State of Cybersecurity 2017 presentation.
ISACA’s studies show that only 59% of North American respondents indicated they were able to fill their open cybersecurity positions, citing a lack of qualified candidates. While a typical corporate job will receive between 60-250 applicants, only 16% of North American respondents said that they had received 20 or more applicants for their cybersecurity positions with 22% saying they had received less than five. Of those respondents, the majority (64%) were deemed unqualified, usually due to lack of experience, though education and certifications also were cited as reasons.
Past reports are consistent with these findings. The demand for cybersecurity workers is growing over three times faster than the average for IT jobs, and on average, they cost 9% more according to a 2015 report by Burning Glass. In another 2015 report, Cisco estimated that there were one million unfilled cybersecurity jobs, with a few other sources projecting the shortage to grow to between 1.5 million and 2 million cybersecurity jobs by 2020. To put this in perspective, as of January 2017, there were only 115,324 people with their CISSP, one of the most recognized and requested cybersecurity certifications.
This is to say that you are not alone if you have encountered challenges in building and maintaining your cybersecurity staff. ISACA’s recommendations to assist with finding and retaining talent had a common theme of minimizing frustration for those employees. This is where CMI can help – by providing the expertise to identify technology that automates your cybersecurity processes, providing services to implement or validate the status of that technology, and arranging a managed service to perform the more repetitive tasks.
CMI – Your Adaptable Data Center Company