The Cybersecurity Skills Gap- What is it? When did it start? Who can benefit?
What has been happening in Cybersecurity?
1988: Robert Tappan Morris created and released over the internet the first ever computer worm, now known as the Morris worm, in order to highlight security flaws. In the end, this served as the first distributed denial of service cyber-attack in history.
2005: A group of hackers stole 94 million credit card records from TJX Companies, Inc. At the time, Avivan Litan, an analyst with Gartner Inc., expressed her surprise at the scope of the breach saying, “If this isn’t a wakeup call for stronger card and payment system security, I’m not sure what is.”
2013/2014: Yahoo disclosed a series of breaches that revealed 3 billion user accounts had been compromised. The data included real names, email addresses, dates of birth and telephone numbers. After the disclosure of the breach(es), Yahoo’s sales price to Verizon dropped by $350 million.
2019: Data breaches continue to become larger in terms of numbers and impact. Hackers are becoming more sophisticated and are realizing the value of certain data. By 2020 a third of our data will be passed through the cloud. While organizations grow more aware of the seriousness of cyber-attacks, they are still uncertain as to how they can use financial and human resources to defend against and respond to cyber threats effectively.
Unmistakably, companies’ digital data is more vulnerable than ever and their cybersecurity risk management strategies cannot compete with the abilities of cyber criminals. What are the limits to cyber-attacks? Way beyond financial implications. Political control, physical and reputational destruction of companies are well within reach of criminals.
Okay, we know the threat is real. What are companies doing about it?
It (hopefully) has become abundantly clear that no size company, no industry, no network is completely safe. While it was once accepted that cybersecurity defense was enough, now companies are realizing having a plan in place to identify and neutralize intruders once they strike is the priority.
“There are only two types of companies… companies that have been hacked and will be hacked again.”Robert S. Mueller, III
Former FBI Director, 2012
So companies (sort of) know what they need to do….but where are the people to do it?
Enter, the skills gap.
The World Economic Forum (WEF) released in its annual Global Risks Report, that there are estimated to be 3.5 million unfulfilled cybersecurity jobs by 2021. Demand for cybersecurity talent will continue to increase, as should the discussion defining what education and skills are required for future positions, in order to get society trained as soon as possible.
Traditional institutions and 4-year degrees have not been able to keep up with the demand. When you look at universities offering cybersecurity training, certificates, degrees- the list is pretty short. It’s because cybersecurity is a “new” complex field and traditional education hasn’t anticipated or been able to match the demand. Students are also realizing the time and financial commitment of a 4-year degree may not make the most sense for their cybersecurity goals. Cyber Intelligence 4U has partnered with universities in order to offer students a relevant curriculum that directly reflects the workforce needs, offered by boots on the ground teachers, that prepares students to enter the workforce immediately after the course.
We also are seeing a surge of high schools offering cybersecurity basic training in order to prepare students for high-demand jobs. Many of the courses lead to professional certification with students earning college credit for the classes or leaving high school and entering directly into the job force.
Until those students are old enough to be hired and gain on the job experience, companies focus on growing the skills level of their current employees and ensuring not only their IT departments but all departments engage in some level of cybersecurity training.
Who are the cybersecurity professionals?
Many people interested in cybersecurity believe that you must first have the hard skills associated with IT and cyber (later blog post about non-technical cybersecurity jobs coming soon). And while the fact is that many cybersecurity jobs do require a certain level of technical skill, equally important are the candidates’ “soft” skills. Marc van Zadelhoff, GM of IBM Security, was quoted in the Harvard Business Review saying, “unbridled curiosity, passion for problem solving, strong ethics, and an understanding of risks” are also highly desirable skills that would make a person sought after in the world of cybersecurity.
Cybersecurity teams will only become more and more crucial to a business’s longevity as cyber threat actors become increasingly clever and aggressive. Because of the high demand for cyber jobs, the lucrative salaries offered, and the lack of formal training needed, we are seeing more and more cybersecurity professionals from non-traditional, non-IT, non-technical fields join in the fight.
In order to begin to close the security skills gap employers are looking for candidates with the right traits rather than the right skills or degree. Current candidates for cyber positions include high school students, community college students, 4-year graduates, and employees with or without technical background looking for a career change, and finally, employees that want to shift into the cybersecurity team in their organization.
Have you considered a career in cyber?
If your curiosity has been peaked or if you have always wondered how feasible a career in cyber would be, don’t let your education or background determine your career path or limit your options. The demand is real. The demand is growing. The consequences for companies by not having a strong cybersecurity strategy and teams in place can be devastating.
If you believe you have the curiosity, desire to learn, and passion to begin and grow your career in cyber, you can. At Cyber Intelligence 4U we help you develop new skills you need and grow the ones you have. We educate you so upon completion of our program you are equipped with the right information that matches the current needs of organizations.
Contact us today to tell us your unique situation and to determine the first steps in making your cybersecurity career a reality.