COMMENT
The world is facing an unprecedented number of cyber threats and historically low numbers of cybersecurity personnel. While cybersecurity and IT are not one-to-one industries, software developers, programmers, and other experienced technology workers have relevant technical skills that transfer well into cybersecurity. So why aren’t we developing this talent for cyber?
The cybersecurity industry has faced skills and manpower shortages for years. Furthermore, the IT talent gap combined with the overall growth trend cyber threats It means that businesses and public infrastructure are more at risk than ever from hacker attacks. As the era of digital transformation continues, technological innovation grows as does the number of people equipped to make it happen. It’s not hard to believe that they can defend him too.
Why the IT talent gap is growing
The need for IT solutions is growing exponentially for three main reasons. The first is the larger attack surfacewith beyond 15 billion connected devices in 2023, with more expected over the next decade. As the attack surface expands, the already daunting risk of cyber attacks increases. Additionally, the number of attacks occurring each year is growing, along with the frequency, sophistication, and impact of these attacks. Ransomware attacks, government-to-government espionage, and more frequently dominate the news cycle, demonstrating the need for increased security against a multitude of attack strategies. Finally, increased regulations continue to add to the pressure cybersecurity talent gap. For example, The TSA recently unveiled emergency cybersecurity requirements for airlines and airports, increasing demand for cybersecurity talent at the federal agency level. In all these cases, the need increases, but the amount of talent fails to catch up.
In specific areas such as operational technology (OT), a growing number of companies are adopting IT security talent to also be trained in OT cybersecurity. This shift has been accelerated by IT-OT convergence, where legacy OT technology previously not connected to the Internet is now integrated into IT systems. It’s a natural way to fill the talent gap by moving IT talent out of the IT field, which has proven to be successful.
How tech talent can make the leap to security
The main chicken-and-egg conundrum with the cybersecurity skills gap is that most companies looking for IT talent have limited resources and may only be able to hire one or two people in the cybersecurity field. IT security. Therefore, they may only employ a CISO or senior cybersecurity strategist who can handle the breadth of security threats the organization may face. As a result, there aren’t many entry-level opportunities for new IT hires. Without good entry-level positions, it is difficult for those entering the workforce to acquire the necessary skills, further exacerbating the shortage of experienced IT talent at the highest levels.
Hire IT talent and reskill them with cybersecurity skills helps alleviate this problem. Most tech companies offer basic security training and courses, and there is a high level of transferable skills between the two sectors. currently there are more than 500,000 open positions in the cybersecurity fieldand current or former tech workers have a unique opportunity to gain cybersecurity experience to fill these gaps.
One of the benefits of hiring talent from other industries is added value. While simultaneously addressing the talent gap, these hires add up diversity of thought and experience. This diversity could help improve resilience and operational efficiency, a key goal of tech companies, and skills you might not gain by hiring only cyber-focused talent.
Protection of public and private systems
When it comes to cyber attacks, the playing field between industries is not always level. Organizations that suffer most from cybercrime include the critical infrastructure sector due to the potential for greater damage than other sectors. In the last two years, 80% of hospitals have experienced a security breach, with the majority of these breaches tied directly to ransomware attacks. Additionally, in 2022, manufacturing companies experienced the highest rate of cyber attacks among major industries globally 25% of cyber attacks. When it comes to talent entering this space to protect these vulnerable systems, it is critical to mitigate the risk of these attacks with both solutions and people.
There are large differences in the computing resources available to public and private infrastructures. Since the private sector’s primary goal is profit, private organizations are incentivized to ensure their cybersecurity defenses are strong, while the public sector works for the public good and relies primarily on public funds.
Security platforms that focus on the top priorities in their risk mitigation strategy are also useful for organizations with limited resources. Additionally, the government has introduced resources to help bring new talent into the public sector. These include increasing cybersecurity budgets for public organizations, imposing more regulations and guidelines, and working closer with the private sector. Ultimately, public-private partnerships are crucial to closing the cybersecurity talent gap. The public and private sectors must work together to automate and optimize, reducing the growing need for talent and resources.
Overall, the cybersecurity industry is growing and has great potential for those looking to make the leap. Instead of focusing on joining the Googles or Metas of the world, I encourage professionals to consider IT roles instead, where you will be an integral part of your organization’s business resilience strategy, gaining visibility to C-suite level stakeholders and carrying out important work that can protect human safety or social stability.
The cybersecurity landscape of the future
Going forward, I would like to see a world where there are more public and private partnerships between working groups that leverage technology. THE The World Economic Forum led the way for these partnerships by cost-effectively modernizing infrastructure and improving the quality of life in local communities. However, this is just the beginning. To close the cybersecurity talent gap, we must look to strengthen these partnerships and use existing technological talent already available. Tech talent can make the leap into cyberspace and now is the time to act.