Editor's Pick

Cyber skills gap leaves business vulnerable to attacks, new research reveals

<?xml encoding=”utf-8″ ?????????>

ISACA, the global professional association helping individuals and organisations in their pursuit of digital trust, has published new research looking at the state of cybersecurity.

The research finds that of the cybersecurity professionals who said they were experiencing an increase or decrease in cybersecurity attacks as compared to a year ago, over half say they are experiencing more cyberattacks.

Though businesses recognise the increased threat, less than one in ten of the organisations who complete cyber risk assessments do these monthly while two in five conduct them annually. The failure to regularly assess cyber risk leaves organisations vulnerable to attacks and increases the risk of breaches going undetected for prolonged periods.

A lack of human resource is contributing to businesses not measuring and testing their cyber defences regularly enough. Almost two thirds of respondents report that their cybersecurity team is understaffed. Of those organisations with unfilled roles in cybersecurity, 39% are looking to fill entry level positions that do not require experience, university degree, or credentials.  Typically, 44% of organisations state that they require a university degree to fill entry level cybersecurity positions when they have them.

Chris Dimitriadis, Global Chief Strategy Officer at ISACA, said: “Our findings show that businesses are still struggling to find the right people with the right skills to manage cybersecurity. With cyberattacks on the rise, if we do not solve these challenges and address the gaps, businesses, ecosystems of supply chains and public sector bodies could be at threat from a lack of vital protection, detection, response and recovery. Businesses do not exist in isolation from their customers or the other organisations within their network, and a cyberattack on one part of the ecosystem can have consequences for everyone else. This is why holistic training is needed towards creating a safer world.”

There are some simple steps businesses can take to tackle the cyber skills gap and improve their cyber resilience. Of those who are already making headway, half of the organisations surveyed are upskilling non-security staff, 46% are increasing the use of contractors or external consultants, and a quarter are adopting reskilling programmes.

Cybersecurity professionals believe that hands-on experience in a cybersecurity role, credentials held, and completion of hands-on cybersecurity training courses are very or somewhat important when determining if a cybersecurity candidate is qualified.

Chris Cooper, member of ISACA’s Emerging Trends Working Group, said: “If businesses are to maintain their cyber resilience in an ever-evolving threat climate, we must encourage and nurture talent in the cybersecurity industry. Employers are looking for people who already have hands-on experience, but we will only enable people to build that experience by creating more entry-level roles and investing in the right training and development for everyone in the industry, from the ground up.”

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

Your daily news source covering investing ideas, market stocks, business, retirement tips from Wall St. to Silicon Valley.

Disclaimer:

TheProficientInvestor.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice.
The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2021 TheProficientInvestor. All Rights Reserved.

To Top