Since 2022, the global cybersecurity workforce gap has expanded by 12.6%, now encompassing 4 million individuals, with 92% of cybersecurity professionals noting organizational skill gaps.
As per the ISC2 study, the top three skill deficiencies within organizations include zero trust implementation (29%), artificial intelligence/machine learning (32%), and cloud computing security (35%).
The study also revealed that in the previous year, nearly half (47%) of respondents encountered cybersecurity-related layoffs, budget reductions, and hiring freezes, affecting 22% of individuals directly or indirectly.
Moreover, 47% of participants admitted to having limited to no understanding of AI and its associated risks.
The primary challenges anticipated by cybersecurity experts in the next two years revolve around AI and emerging technologies (45%) and the scarcity of skilled workers (43%).
Despite these hurdles, a majority (52%) of cybersecurity professionals affirm that their companies endorse internal AI utilization, with AI advancements ranking third in enhancing company security, following automation (40%) and zero-trust (34%).
Establishing Talent Acquisition Strategies with Purpose
Mika Aalto, the co-founder and CEO of Hoxhunt, suggests that organizations can benefit from a specialized skills acquisition function that provides on-the-job mentoring and sponsors certification courses for deserving candidates from both internal and external pools.
He highlights the surge in demand for IT professionals and developers, which was met by a younger workforce and individuals transitioning from non-traditional backgrounds, reminiscent of previous talent shortages during technological revolutions.
Aalto views the security skills gap as an “excellent opportunity” that can be leveraged through improved diversity and inclusion initiatives. He advocates for the inclusion of women and people of color in cybersecurity, particularly those who have felt marginalized in other technical domains.
Tony Goulding, a cybersecurity evangelist at Delinea, suggests that organizations may need to seek external expertise to fill skill gaps while concurrently investing in upskilling existing employees. He emphasizes the importance of identifying core competencies, reskilling staff, and fostering internal talent growth.
Goulding also recommends staying abreast of emerging technologies and enhancing skills through internships for current and potential employees. He underscores the significance of addressing areas like AI, malware, complex IT infrastructures, and geopolitical challenges to fortify organizational capabilities and prepare for future demands.
Dave Ratner, CEO of HYAS, underscores the necessity for organizations to deploy observability solutions to detect anomalies and prevent breaches proactively. He emphasizes the critical shift towards administrative resilience in the face of escalating cyber threats.
Ratner advises organizations to strike a balance between resilience and protection, stressing the need for integrated security solutions to enhance real-time visibility and response capabilities. He emphasizes the importance of aligning corporate strategies to swiftly identify and mitigate security breaches effectively.