IT Pros who can handle cybersecurity are in short supply
- 25% of mid-market (i.e. 100 to 999 employees) and enterprise (i.e. more than 1,000 employees) report a “problematic shortage” of IT security skills.
- 36% of organizations increasing IT headcount this year plan to hire information security staff. Of all the IT headcount being added in 2013, hiring information security professionals is the highest of priority.
- 83% of enterprise organizations say that it is “extremely difficult” or “somewhat difficult” to recruit and hire information security specialists. Those organizations having the hardest time include companies in rural areas, mid-market firms, and vertical industries like academia, and the public sector.
IBM recognizes that a dearth of cybersecurity skills presents a threat to its customers, its security business, and its services organization. IBM is trying to do something about it. IBM just published a paper called, Cybersecurity Education for the Next Generation
https://www.e-janco.com/Register_Security_IBM_Paper.htmlThe paper provides a high-level overview of the current state of cybersecurity skills and education and then suggests a few changes. IBM suggests that cybersecurity programs must become:
- More comprehensive. Yes, firewall rules and AV signatures are important, but the next-generation of cybersecurity leaders need to be able to understand cybersecurity as it relates to the business, legal system, and society. This means that cybersecurity education has to branch out from the Computer Science department alone.
- More cooperative. Cybersecurity protection doesn’t work when the CISO and team are not part of business, IT, and application planning. That said, many groups view the security team in an adversarial way. The next-generation of cybersecurity leaders must be able to break down legacy walls and become business facilitators rather than business impediments.
- Book smart and street smart. We need cybersecurity people who understand what works in theory and practice. A degree or certification alone isn’t enough.