+
EDITOR’S QUESTION
MATTHEW BUSKELL,
AREA VICE PRESIDENT,
SKILLSOFT
/////////////////
C
ybersecurity is consistently rated as
one of the most problematic skills
shortage areas in the enterprise. In
2018, over 50% of companies surveyed by
the ESG (Enterprise Strategy Group) said this
issue was impacting their business. A survey
commissioned by (ISC)2 identified a glaring
skills gap on the horizon, projecting that the
overall cybersecurity skills shortage is set to
rise to 350,000 workers in Europe by 2022.
One of the most urgent requirements is to
address the lack of diversity in the industry.
According to a Frost & Sullivan cybersecurity
workforce study, just 11% of women work in
the cybersecurity profession globally. In the
UK, that figure falls to just 8%, despite the
sector experiencing double-digit growth and a
huge demand for new recruits. This represents
a vast untapped resource and organisations
need to address the discrimination barriers
that are disincentivising women from working
in this field.
There are some notable examples of
progress in the right direction. The UK’s
National Cyber Security Centre has created
courses to encourage girls to consider
studying the subject at an advanced level
and university. Similarly, since 2013 the Code
First: Girls organisation has been supporting
young adult and working age women in
the UK to develop relevant professional
skills, such as coding and programming,
and working with companies to help them
capture top female tech talent.
It’s also time for organisations to
demonstrate a greater willingness to recruit
for the traits required for cybersecurity
– lateral thinking, problem solving skills,
www.intelligentcio.com
an understanding of risk management –
rather than narrowly focusing on technical
certifications alone. This requires a depth
and breadth of vision that goes beyond
traditional thinking.
Organisations that fail to invest in training
and development for individuals from
non-technical backgrounds are taking a
short-sighted approach. Considering that
a significant proportion of executives
and C-Suite professionals have arrived
in the industry via non-technical careers,
companies cannot ignore the fact that
“
ORGANISATIONS
THAT FAIL
TO INVEST IN
TRAINING AND
DEVELOPMENT
FOR INDIVIDUALS
FROM NON-
TECHNICAL
BACKGROUNDS
ARE TAKING A
SHORT-SIGHTED
APPROACH.
employees from any walk of life can rapidly
acquire the technical know-how and
experience required to do the job.
Implementing a clear career progression
path for those taking on cybersecurity duties
will help incentivise existing IT personnel to
join the cybersecurity ranks. Forward-thinking
Chief Information Security Officers (CISOs)
are investing in increasing staff competences
and supporting career development through
mentoring and training in a bid to increase
levels of expertise needed to counter today’s
threat climate.
In the face of a persistent shortage of
cybersecurity skills, organisations must
broaden their view of the workforce to
developing new, previously untapped,
candidate pools. Diversifying the workforce
is a win–win for employer and employee
alike – a concerted effort and increased
investment will help make it happen sooner
rather than later.
INTELLIGENTCIO
33