As businesses move more and more into an online space, cyber crime is a growing phenomenon. Cyber attacks damage a company’s reputation and their profit margins – to the average annual tune of $3.8 million per annum. As the cost of these cyber attacks increases and criminal hackers get smarter, so does the demand for cyber security experts. But companies are now finding that skilled cyber security professionals are in short supply. So where did this gap in cyber security talent come from, and how can companies find top cyber security talent?
There are a variety of reasons that have led to the skills shortage, but the two most prominent lie in educational shortcomings and insufficient government policies.
The rate at which IT technology develops means that a cutting edge IT educational curriculum one year could be defunct the next. Universities have struggled to keep up, despite offering more than enough cyber security programs.
A study conducted by Intel Security with the Center for Strategic and International Studies (CSIS) reported that only 23% of IT graduates are fully prepared for the cyber security industry. That’s less than half of the trained IT workers feeling adequately prepared to fight today’s cyber threats.
The other side of the coin is the rate at which the market is expanding. Confronting a very similar challenge to educational institutions, businesses are finding that the IT markets and business opportunities vastly outstrip their capacity to address it. And unfortunately, government policies do little to help.
“Conventional education and policies can’t meet demand,” says the Intel Security-CSIS study. “New solutions are needed to build the cyber security workforce necessary in a world this connected.”
Mostly, the skills gap can be closed through a focus on education and training. As traditional educational institutions struggle to impart the necessary cyber security skills fast enough, employers are stepping in and addressing the gap with less conventional methods. Some companies, for example, are offering “nano degrees – industry credentials for the tech job of today – through courses of information security, secure systems and more. And these are being sponsored by and run through companies.
Education curricula should also be adapted to emphasize security as much as possible. Companies and government agencies should invest greater amounts into scholarship and internship programs so that cyber security graduates are exposed to the pace of real world cyber threats.
In addition, corporates have a responsibility to educate the educators on what the future of online security looks like. What better way to keep in touch than through regular updates from the frontline of battle? This extends to human resource departments as well. If people hiring the cyber security professional understand the threat, then they can better fit the hiree with the position.
Fortunately, companies are increasingly aware of the benefits of cyber security and investing more heavily into it. In time, academic programs will catch up. Until then, if companies don’t have the skills needed, there are other options such as third party security firms and cyber security technologies. Read more on these security options and how you can use SMS to improve your website security.