Businesses in the world are expected to lose as much as $3 trillion by the year 2020. The losses will be due to lack of cybersecurity, the World Economic Forum’s Centre for Cybersecurity has predicted. Lack of cybersecurity experts is a major factor.
In 2018, a report by the Information Systems Audit and Control Association, now known as ISACA on the state of cybersecurity for the period in 2017, found that 59 per cent of enterprises had open (unfilled) security positions and 54 per cent say, it took on average, three months or longer to fill open positions.
And according to its 2019 global survey, technical proficient cybersecurity professionals and more so, those with business acumen, continue to remain in short supply to organisations.
A pretty much reason for this, according to ISACA, is the lack of qualified professionals applying to open positions. From the survey results, almost 60 per cent of respondents say 50 per cent or less of applicants applying to open cybersecurity positions are qualified.
Meanwhile, the World Economic Forum’s Centre for Cybersecurity says economic loss due to cybersecurity is predicted to reach $3 trillion by 2020 and 74 per cent of the world’s businesses can expect to be hacked in the coming year. It adds that, current efforts to contain cybercrime remain important, however, it is chiefly insufficient, as the global impact of cyber threats continues to grow.
Even though it may be evident that, the work of protecting an organisation’s data system lies largely, with the duties of the technical cybersecurity person, 52 per cent of respondents in the survey say most vacancies in their organisations, remained for technical cybersecurity persons, while 72 per cent of them, say there are no vacancies for Executive or C-suite cybersecurity persons.
According to the report, although the cybersecurity field has a great need for technical competence and qualifications; it also suffers from a lack of business comprehension. Data in the report shows that 49 per cent of respondents believe the average professional lacks the ability to understand the business, while 34 per cent and 17 per cent respectively say, it’s a technical and communication skill problem.
“This data, combined with the large need for technically skilled individuals, helps to determine the ideal cybersecurity professional in today’s environment—a technically proficient cybersecurity professional who is able to understand an enterprise’s business strategy. Indeed, an individual who can successfully apply his or her technical cybersecurity skillset to effectively enhance business goals and who can articulate that connection to counterparts at multiple organizational levels has a bright future in the field,” the report stated.
ISACA says its survey involved 1,576 respondents, 94 per cent of them with ISACA’s certified Information Security Manager or Cybersecurity Nexus Practitioner certificate and other individuals in information security positions. Accordingly, North America, with the highest number of respondents held 43 per cent, while other regions like Europe, Asia, Latin America, Africa, the Middle-East and Oceania held 25, 17, five and three per cents respectively. The IT organisation adds that, 28 per cent of respondents were from the technology services industry, 20 per cent from the financial industry and 10 per cent from government or military services.
Just as a remedy would mean better training, ISACA acknowledges that, formal education alone does not necessarily provide turnkey-ready professionals. The organisation agrees that, some academic institutions are implementing successful technical programs, however, most are still perceived as training cybersecurity in abstraction, rather than training it as a technical, hands-on field, which, by its very nature, requires some business intelligence.
“While the number of high-profile cyberattacks are on the ascent on one side, so are the number of cybersecurity vacancies going unfilled. The creation of industry and academic programmes to introduce the latest industry, technology, process and effective use of automation to address the shortage of skilled resources will have to be taken on war-footing,” Renju Varghese, fellow and Chief architect, Cybersecurity and GRC, HCL Technologies was quoted in the report as saying.
By Gifty Danso
Copyright ©2019 by Creative Imaginations Publicity
All rights reserved. This article or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of the publisher except for the use of brief quotations in reviews.