Cyber Security Labor Shortages Means Some Turn To Alternative Routes For Hiring
By Christine Kern, contributing writer
According to the Cisco 2014 Annual Security Report, there is a significant labor-shortage in the field of cybersecurity.
The report explains, “The sophistication of the technology and tactics used by online criminals — and their nonstop attempts to breach network security and steal data — have outstripped the ability of IT and security professionals to address threats. Most organizations do not have the people or the systems to monitor their networks consistently and to determine how they are being infiltrated.”
Security professionals with data science skills — able to understand and analyze security data — are also in short supply, according to Cisco. These are key skills for improving alignment with business objectives.
To meet this growing gap, according to Bloomberg Business Week, many tech companies are side-stepping the degree requirement to hire. Although colleges and universities are responding to the shortage by creating cybersecurity degree programs, they cannot keep up with the growing need, so some of those companies are creating their own training programs, Bloomberg reports.
In its 2014 annual security report, Cisco estimates the gap between the demand for qualified cybersecurity professionals and the supply of those workers is at 1 million people globally. Meanwhile, Frost & Sullivan conducted a survey of 12,000 information security specialists, and found that more than half (56 percent) reported inadequate IT security staffing.
To help fill the void, Symantec created a pilot project to train urban youth for entry-level cyber security positions. “There is an enormous global shortage of trained cybersecurity professionals, even though some jobs can be done without a four year college degree. With youth unemployment at twice the national average, companies like Symantec must take action. It’s time to bridge that gap and change the world, by building skills to protect the future,” Aled Miles, senior VP, Latin American geography and global strategic accounts, states on Symantec’s website.
So, what types of tasks will a new cybersecurity hire need to be trained to do?
“People who graduate with a four-year degree related to cybersecurity, they’re not going into entry-level positions, they’re going straight to jobs requiring more experience,” says Marian Merritt, director of cyber education and online safety programs at Symantec. “Yet companies are desperate for the analysts who do the grunt work of cybersecurity, looking at network logs, administering systems settings, etc.”
New cyber security experts need to have vocational training, experience in cloud security, and in creating disaster recovery plans. As Cisco points out, organizations often neglect to question how security software or patches are maintained and upgraded by vendors. And, there is a growing pressure for security experts to be skilled in data analysis, which can lead to important discoveries about data breaches and their sources.