Recent research published in the fifth annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA) and industry analyst firm Enterprise Strategy Group (ESG) indicates there is a recruitment crisis in the cybersecurity industry.
According to the research, the cybersecurity skills crisis continues on a downward, multi-year trend of bad to worse and has impacted more than half (57%) of organisations globally.
The Life and Times of Cybersecurity Professionals 2021 report surveyed 489 global cybersecurity professionals and reveals that the crisis is taking on a number of different nuances that organisations are finding difficult to manage. Findings included:
- An increasing workload for the cybersecurity team (62%)
- Unfilled open job requisitions (38%)
- High burnout among staff (38%).
Furthermore, 95% of respondents stated the cybersecurity skills shortage and its associated impacts have not improved over the past few years and 44% say it has only become worse and compounded by the Covid pandemic.
Notably, the three most often cited areas of significant security skills shortages include cloud computing security, security analysis and investigations, and application security.
Pieter Vanlperen of New York City-based PWV Consultants said: "There has been a known shortage of software developers in the technology industry for some time, security is no exception. There are currently about five jobs for every one developer (roughly), so the inability of companies to find cloud computing security pros isn’t all about knowledge. Much of the problem is around a simple lack of people rather than what people know. Even so, cloud computing is still more secure than traditional methods.
"Cloud service providers, ensure that storage systems are backed up thoroughly so that nothing gets lost, even in the event of a breach. They also have dedicated specialists who can walk businesses through how to use the cybersecurity services they offer. So, yes, cloud computing is still safe. Businesses should make sure they understand the security risks they assume versus what falls under the umbrella of the cloud provider so that proper adjustments can be made, but every business should be utilizing the cloud. Technology is eating the world, digital transformation trends force businesses into the cloud to stay competitive, and while it can be difficult to find developers to keep in-house, there are always experts who can be called upon for assistance."