In the age of digital everywhere, there is an incredible reliance on data and information spanning all company sizes and industries. As a result, vulnerability to cyberattacks is at an all-time high, underscoring the importance of cybersecurity.
In the first of a series of cybersecurity articles, The Elephant in the Room: Cybersecurity Threats Pervasive, Yet Opportunities Prevail, Matt McBride described recent incidents of cybercrime and the devastation they caused. He shared information about Genesis10’s experience working with organizations to build cybersecurity programs to help shore up their cyberdefense capabilities.
A second piece, Demand for Cybersecurity Grows as Skills Become More Challenging to Recruit, examined the growing talent shortage for cybersecurity specialists, highlighting the importance of creating a multi-pronged talent acquisition plan to attract but also build workforce capabilities through training.
From our experience, we see that the supply of qualified specialists needed to protect our nation’s technology infrastructure is not keeping pace with demand. Research by PwC shows the cybersecurity workforce gap will widen to 1.5 million job openings by 2019, up from 1 million last year. With the nation hovering at near full employment, it has become increasingly difficult to find resources with the skills needed to protect an organization from an attack:
- A recent workforce study finds that businesses are experiencing significant delays of more than six months to fill IT security job vacancies, and that half or more of cybersecurity job applicants are unqualified. In the U.S. every year, employers are failing to fill 40,000 information security analyst jobs. The shortage puts a stain on current information security professionals and their organizations.
- “The profile of a security hire has transformed along with development practices and modern infrastructure,” notes Martin Rues, CISO at Outreach Corporation in a piece, Building the Next Generation of Cybersecurity Talent. “Today we require personnel with technical expertise [and] the ability to communicate across the business and balance the needs of multiple stakeholders, from product line managers to ops teams. Candidates need a combination of DevOps, security, and cloud experience.”
The talent market is tight and the cyberthreats continue to change, requiring professionals to keep pace. To support our clients, Genesis10 has a turnkey patch management capability to address and shore up known hardware or software vulnerabilities.
Recognizing cyberrisk as a top management priority, Genesis10 has expanded our ecosystem and partnered with HolistiCyber, a U.S./Israeli Cybersecurity consultancy firm that provides nation-state level expertise in cybersecurity to both the public and private sector. For our clients, HolistiCyber will provide cybersecurity advisory services, starting with completing a vulnerability assessment. Based on the assessment, HolistiCyber will develop a roadmap and go-forward strategy to shore up identified security gaps to include developing a comprehensive sustainability plan.
In August 2018, Marsh released the Global Cyber Risk Perception Survey which provides a lens into the current state of cybersecurity risk management at organizations around the world. Marsh’s survey captured the views of more than 1,300 risk professionals and other senior executives globally, representing 26 industry sectors. It found that “nearly two-thirds of survey respondents said that cyberrisk is among their organization’s top five risk management priorities.” Within the past 12 to 24 months, the executives surveyed shared that 69% have conducted a cybersecurity assessment to assess and identify cyberrisk as well as to outline a plan of action starting with employee cybersecurity education and awareness training.
What will your next move be?
Read related content on the Genesis10 blog: The Elephant in the Room: Cybersecurity Threats Pervasive, Yet Opportunities Prevail and Cybersecurity and Complexity.
Subscribe to the Genesis10 blog to continue your cybersecurity education.