Cybersecurity skills gap weakens cyber defences
According to (ISC) 2, the global cybersecurity workforce must grow by 65% to effectively insure critical assets. Although the number of professionals required has a downward trend (3.12 million to 2.72 million), there is a significant gap that leaves many organizations vulnerable.
Fortinet has been sounding the alarm over the persistent cybersecurity skills gap for years. That is why the Fortinet Training Institute exists: to offer certification and training in the growing field of cybersecurity. Fortinet recently released a report that sounds the alarm again about how the cybersecurity skills gap is affecting organizations.
Fortinet’s 2022 Cybersecurity Skills Report highlights how this gap is increasing the number and severity of security breaches. As organizations recognize this growing risk, the gap is no longer just a computer or human resource problem, but a top priority for the management suite and a problem that needs a top-down solution.
All organizations are at risk
Based on a global survey of more than 1,200 IT and cybersecurity officials from 29 different locations, the Fortinet report illustrates the risks of the cybersecurity skills gap. It identifies that eight out of 10 organizations surveyed experienced at least one violation due to lack of cybersecurity skills or awareness.
Globally, 64% of organizations suffered defaults that resulted in loss of revenue or recovery costs, and 38% reported costs in excess of $ 1 million (USD). 20 percent reported five or more startling breaches.
As the risk and cost of cybersecurity violations increases, senior leaders are paying more attention. According to the results of the survey, 76% of organizations have a board of directors that has recommended increases in the staff of IT and cybersecurity. Unfortunately, growing an organization’s cybersecurity team is often a challenge.
Good talent is hard to find (and maintain)
Fortinet respondents shared that their organizations are struggling to find certified cybersecurity people. While most organizations (67%) see the shortage of qualified cybersecurity candidates as a risk to their organization, many (60%) still have difficulty finding suitable recruitment and more than half (52%). ) struggle to retain them.
Today, organizations need cybersecurity professionals with a wide range of functions and specializations related to security and IT. The challenge is to find the right people with the right skill sets to suit the needs of each organization. As the impact of the skills gap grows, access to training and certification is an important way in which the sector can begin to increase the number of qualified candidates. Another impactful strategy is the introduction of diversity programs to bring under-represented groups such as women and newcomers to Canada to the field.
Certification is worth it
The Fortinet report shows that almost all of the organizational leaders (95%) surveyed believe that technology-focused certifications positively affect their team, while 81% prefer to hire people with certificates. Nearly 80 percent of respondents said the certifications raised awareness and awareness of cybersecurity. The benefits of certified staff are such that 91% of respondents said they were willing to pay for an employee to obtain a cybersecurity credential.
Education providers and industry leaders are taking a step forward to help prepare the cybersecurity workforce, but more needs to be done to accelerate training and remove barriers. In addition to prioritizing recruitment with certifications, 87% of organizations have implemented in-house training programs on cyber awareness for all employees. Designed to create a cyber culture within a company, these training programs may not always be effective. In fact, 52% of leaders surveyed believe that employees do not yet have the necessary knowledge. Of those who do not have a program, 66 percent say they are currently looking for a program that suits their needs. Programs such as Fortinet’s security training and awareness service and regular updates on cyber threats from Fortinet’s FortiGuard labs are one way organizations can help employees support efforts to prevent and significantly improve their security breaches. safety posture.
Cybersecurity is a team effort
Cybercriminals develop attacks faster than ever before and use sophisticated cybercrime strategies that do more harm. Fortunately, organizations are making deliberate efforts to improve cybersecurity and deploy qualified and empowered teams. While the right people with the right skill sets are critical to operational safety, success is also determined by pairing these teams with the right technologies. A combination of people, processes and technology is the best defense for any organization. When all three work together effectively, the result can be a significantly improved security stance and a reduced cyber risk.
Rob Rashotte is Vice President of Global Training & Technical Field Enablement at Fortinet