It’s been a rough couple of years for the information security industry. Following breach after high security breach, the top news story in the info sec world for the last year has been that the sector has slid into a big skills shortage, and the situation shows no sign of improving.
In April of last year, the seventh annual (ISC)² Global Workforce Survey, conducted by Frost & Sullivan showed 48% of cyber-security staff believed a shortage of skills was already heavily impacting their customers, and the situation is set to get worse with a shortage of over 1.5 million trained professionals projected for 2020.
Some areas are suffering more than others – ESG research suggested that 43% of IT organisations had a damaging shortage of cloud & server virtualization security skills, with 31% were lacking in endpoint security skills and the same percentage concerned about their shortage of network security skills. So we’re seeing the worst skills deficit in one of the areas that’s most rapidly expanding, and research suggests that by the time we reach that 1.5 million shortage in 2020, the average cost of a data breach will be $150 million – which would be alarming enough without industry-wide consensus that the regularity of attacks is increasing, with a 2015 ISACA survey reporting 1 in 4 organisations having experienced an “advanced persistent attack” in the previous year, and 3 in 4 were expecting to be targeted in the near future.
How did we get here? IT Security is a young field, and one that was initially populated mostly by people with more general computer science backgrounds who fell into security roles when the need sprung up for them. Over time, information security training and education options have grown but we’ve all reacted far too slowly and the demand for experienced infosec professionals has rapidly outstripped supply.
With millions of high level information security vacancies reportedly going unfilled worldwide, it’s clear that traditional recruitment in this field is not the most effective Kind Global Technology can discretely headhunt the leading information security professionals who are already working in roles similar to the ones your organisation needs. We may not be able to fill the global skills gap, but we can definitely make sure your organisation has the people it needs to stay ahead of the latest cyber threats.
If you’re concerned about how the IT security skills shortage could affect your organisation, or if you’re an infosec professional seeking career advancement, e-mail firstname.lastname@example.org or call 0121 643 2100