Recently, I was reading a few articles about Chief Security Officers (CSO) when I came across this piece: Understanding the Impact of the Cybersecurity Skills Shortage on Business. It was an excellent article which pointed out that in 2019 there was a global deficit of more than four million cybersecurity professionals the global cybersecurity workforce must now grow at a staggering rate of 145% each year just to meet the growing demand for skilled cybersecurity professionals.
The fact that there is a lack of cybersecurity professionals isn’t surprising, especially to anyone in our field of mobile app security. People who are interested in pursuing a career in cybersecurity and possess highly valued skills are scarce.
Which areas are being impacted the most?
So, we have a massive shortfall in the number of cybersecurity professionals, but where is the need most acute? The report Life and Times of Cybersecurity Professionals 2018 by ESG & ISSA found cloud computing security to be the most significant area impacted by the shortage of cybersecurity professionals, followed closely by application security. With an increasing number of transactions and data flowing through cloud environments, and having an app for, well, everything, lack of good cybersecurity to protect these platforms and apps presents a real problem in the fight against piracy.
How can we manage this shortage?
So how can we increase security standards and solve the cybersecurity professional shortage? The report by ESG & ISSA outlines four different strategies to address the shortage of cybersecurity professionals:
- Additional career growth and training.
- Expanding the type of qualifications needed to enter the field.
- Recruiting new graduates into the area.
- Recruiting internally from within organizations from related fields.
McAfee also published a similar study in July 2016 titled Hacking the Skills Shortage: A study of the international shortage in cybersecurity skills which suggested the following solutions:
- Redefining minimum credentials for entry-level cybersecurity jobs.
- Increasing the diversity of cybersecurity applicants.
- Providing more training opportunities.
- Collecting more data.
- Evolving skills for automation.
The Irdeto team has taken some of these recommendations within our own hiring process and we’re seeing some great growth within our in-house cybersecurity teams, but outside of more and better people, automation presents an interesting avenue to scale up quickly and securely.
How can automation help solve the problem?
This exception stuck out at me. Without a doubt, we need to train and incentivize more people to work in the cybersecurity field, but the gap is massive, and the need is NOW. Hiring, improved training, improved diversity are excellent initiatives, but another approach would be to enhance security tools and productivity. For example, the introduction of automated telephone exchanges reduced the necessity for switchboard operators. In cybersecurity, we can develop similar technologies to improve the productivity of existing cybersecurity professionals as an alternative means of solving the shortage, as suggested by McAfee.
Going forward: what’s the solution?
We all know that with the massive increase of working remotely, the risk of cybersecurity threats increases daily. On top of this growing risk, there is also shortage of cybersecurity professionals to address. One solution is to hire and train as many professionals as possible to do this work – if you can find any! Another solution is to automate app protection to enhance the overall productivity of the existing workforce. The shortage is a massive problem, and it’s not going to be an easy fix. Instead, it’ll have to be a mix of remedies ranging from personnel to technology.
Click here to get in touch with Irdeto’s Trusted Software team to learn more!