Page 26 - Cyber Warnings
P. 26
Industry Addresses Challenges in Creating a Cybersecurity-
Capable Workforce
By Bob Chaput, CEO & Founder, Clearwater Compliance
Today there are an estimated one million job openings in the cybersecurity industry, according
to a Cisco report. That figure is expected to jump to 1.5 million unfilled positions by 2019.
Dice, a career website serving information technology and engineering professionals, recently
reported a 90% year-over-year increase in cybersecurity jobs. Based on these figures, it
appears the industry is heading in the wrong direction; demand for cybersecurity skills is on the
rise, and filling positions can be a long and difficult process, according to Search Security.
What’s more, job postings are up 74% over the past five years, according to a 2015 analysis of
numbers from the Bureau of Labor Statistics by Peninsula Press, a project of the Stanford
University Journalism Program. A recent survey by IDC and T.E.N. said it takes an estimated
three months to fill cybersecurity job openings — while senior leadership positions can take well
over 12 months.
This industry-wide employee shortage is creating significant challenges inside the walls of
today’s companies — problems compounded by the rising number and severity of security
breaches. According to a 451 Research study, 34.5% of security managers reported significant
obstacles in implementing security projects due to lack of staff expertise. As a result, only 24%
of enterprises have 24×7 monitoring in place using internal resources.
That’s the bad news. The good news that is a career in info-security is considered one of the
smartest choices available today — and for the next seven years. U.S. News and World Report
ranked a career in information security analysis eighth on its list of the 100 best jobs for 2015.
It’s not just a skills issue within the organization. To date, publicly traded companies have not
been required to nominate directors who are cybersecurity experts. Legislation recently
introduced by Senators Jack Reed (D-RI) and Susan Collins (R-ME) aims to embrace
Commissioner Aguilar’s suggestion. The Cybersecurity Disclosure Act of 2015 (S.2410) would
require the SEC to issue rules requiring public companies to disclose in their annual reports or
proxy statements whether any members of a company’s board of directors have any expertise
or experience in cybersecurity and, if none, to describe what other steps have been taken to
address cybersecurity when evaluating potential nominees.
Clearly, this challenge has to be conquered now if our nation’s corporate world and government
are going to keep their systems safe. The anxiety-producing statistics prove that the
cybersecurity industry must do more to attract the nation’s best and brightest to this industry and
give them the skills needed to succeed.
26 Cyber Warnings E-Magazine – March 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
