Recent Coverage Focuses on Challenges Facing Organizations Competing for Cybersecurity Talent in a Competitive Market

Harvard Business Review
‍“What Business Needs to Know About the New U.S. Cybersecurity Strategy”
‍April 14, 2023

“On March 2, 2023, the Biden administration released its long-awaited National Cybersecurity Strategy. In light of cyberattacks targeting American infrastructure, business, and governmental agencies, the document elevates cybersecurity as a critical component of the United States’ economic prosperity and national security. It also intimates a fundamental dilemma, which is that the private sector — with key stakeholders consisting of software firms, small- and medium-sized businesses, broadband providers, and utility companies — holds the key to the public good of cybersecurity.”

READ MORE

Dark Reading
‍“Rethinking Cybersecurity's Structure & the Role of the Modern CISO”
‍April 10, 2023

“Effective cybersecurity operations are as unique as the business models and technology choices of the companies they protect. Their creation and management are constantly complicated by a lack of common terminology and set of expectations, due mainly to the chaotic path our industry has taken since its relatively recent birth. 

“Cybersecurity leaders are similarly difficult to measure and understand because our language and their capabilities aren't clear, with the lack of a common nomenclature further reflected in the assessment of skill sets and qualifications. The mix of cybersecurity complexity, opaqueness, and urgency creates a vague picture of who can successfully lead and hold responsibility for the operation.”

READ MORE

SC Magazine
“Where the cybersecurity market is headed and what it means for you”
‍April 3, 2023

“The global cybersecurity market has the potential to grow to between $1.5 trillion and $2 trillion in the next few years, 10 times the size of the market today, says a recent report from McKinsey and Company.

“Half of that growth potential lies in just two areas: outsourced services such as managed security service providers (MSSPs) and managed detection and response (MDR) providers, and in-house security and operations management.”

READ MORE

Security Intelligence 
“Is Cybersecurity Facing its Own Great Resignation?”
‍‍April 3, 2023

“Research from BlackFog found that almost a third (32%) of CISOs or IT cybersecurity leaders in the U.K. and the U.S. are considering leaving their current organization. Among those with plans to leave, a third are hoping to quit within the next six months. Reasons for their dissatisfaction included a lack of work-life balance (30%) and too much time spent on firefighting rather than focusing on strategic issues (27%).

“The survey also found that frustration stemmed from the skills shortage and the many changes in cybersecurity. Many of the leaders (52%) reported struggling with new frameworks and models, such as zero trust. One in five leaders also found the skill level of their team to be a serious challenge. Staying on top of the rapidly changing industry was also stressful, with 54% saying keeping up with the latest on solutions was hard and 43% reporting it was difficult to keep pace with the innovations.”
‍
READ MORE

Security Magazine 
‍“17% of security leaders consider cybersecurity team fully-staffed”
‍March 28, 2023

“Security leaders' perception of their own cyber resilience was analyzed in a recent study by Immersive Labs. Despite high confidence in overall resilience, the study found that teams are insufficiently prepared for threats, as 82% agree they could have mitigated some to all of the damage of their most significant cyber incident in the last year if they were better prepared, and more than 80% don't think, or are unsure, their teams have the capabilities to respond to future attacks.

“Seventeen percent of respondents consider their cybersecurity team to be fully-staffed and almost half of respondents admit they aren’t able to measure cyber capabilities, further eroding confidence in the organization’s preparedness. When cyberattack prevention and damage control are both lacking, organizations may be more vulnerable than initially thought.”

READ MORE

CSOOnline
‍“Fortinet 2023 Skills Gap Report: How organizations can fill the talent shortage” 
March 23, 2023

“The ongoing cybersecurity talent shortage presents challenges for organizations everywhere. As critical roles remain vacant far too long, already overburdened IT and security teams are grappling with a long list of responsibilities to safeguard their corporate networks, and that’s just the tip of the iceberg. Meanwhile, cybercriminals show no signs of slowing, launching new, more sophisticated attacks at every turn. As a result, IT and security leaders are facing the perfect storm: They’re navigating an unprecedented increase in cyber threats while simultaneously searching for skilled professionals to fill essential positions.

“Historically, organizations have sought ‘traditional’ candidates to fill cybersecurity roles—those with a degree in a related field or prior cyber work experience. Yet with a cybersecurity workforce gap of 3.4 million people, the recruiting strategies of the past aren't sufficient to attract and retain the new talent the industry desperately needs. With breaches becoming increasingly common and costly, more than two-thirds of business leaders (68%) say that unfilled IT and security positions pose a significant risk to their enterprises.
‍
“To gain greater insight into how the cybersecurity skills gap is impacting organizations and the unique approaches they’re taking to recruit for critical positions, Fortinet conducted its 2023 Global Cybersecurity Skills Gap Report. We surveyed over 1,800 IT and cybersecurity decision-makers across 29 countries, with respondents working in a range of industries, such as technology (21%), manufacturing (16%), and financial services (13%).”

READ MORE

Forbes
‍"Board-Level Cybersecurity Conversations: Three Questions To Ask Your CISO And CIO”
‍March 8, 2023

“In recent years, the chief information security officer (CISO) role has become critical in safeguarding organizational data and protecting against cyber threats. It's become a common trope, though, that cybersecurity is a team sport. As the saying goes, it's everyone's responsibility, at least in some part. 

“In this article, I'll explore fundamental questions that the board of directors can ask other senior leaders alongside the CISO about cybersecurity culture, support and alignment. Boards can be influential in encouraging and building a culture of cybersecurity excellence, especially among the leadership team they directly interface with.”

READ MORE

Security Boulevard
‍“Why Healthcare Cybercrime is the Perfect Storm”
‍March 7, 2023

“It’s Friday night. You, your husband, and your two children are settling in for a fun pizza and movie night together.  Unexpectedly, your elderly neighbor, Anne, calls in a panic. Her husband Steve is having severe chest pains. While Anne has already called emergency services, she asks that you come over to help. As an internal medicine doctor, you know that Steve’s treatment in the next several minutes and hours is absolutely vital. While Steve has the benefit of world-class care at your local medical facility, his recovery and, survival may be hindered by an unlikely yet increasingly pervasive and insidious factor in healthcare – it’s called cybercrime. And it’s running rampant, skyrocketing vulnerabilities, bankrupting healthcare organizations, and—of grave concern–degrading patient care. This is happening at healthcare facilities around the world, none of which are exempt from its potential and often devastating impacts.”

READ MORE

Security Magazine
‍“Security's 2023 Top Cybersecurity Leaders”
‍March 1, 2023

“Security magazine is proud to present the honorees of our 3^rd annual Top Cybersecurity Leaders program, which highlights enterprise information security executives and professionals and their industry accomplishments. This year’s nominees serve important roles across their organizations and the cybersecurity field as a whole, leading by example and bettering security through innovative approaches to risk and technology.

“The goal of the Top Cybersecurity Leaders program is to spotlight cybersecurity professionals who are making a difference in their organization and/or in the industry as a whole, and this year’s nominees didn’t disappoint. Our editorial staff was blown away by the caliber of this year’s nominations. We received an overwhelming number of nominees with years of experience, industry impact and cybersecurity leadership.”

READ MORE

Information Week
‍“Closing the Cybersecurity Talent Gap”
‍February 28, 2023

“Despite recent layoffs announced by Amazon, Google, Microsoft, and others, some tech professionals remain in short supply, particularly skilled and creative cybersecurity experts. To find the professionals needed to protect their systems against cyberattacks, IT leaders are increasingly turning to various creative approaches.

“Cybersecurity talent remains in high demand for 2023 and is predicted to remain in demand for the foreseeable’, says Doug Glair, cybersecurity director with technology research and advisory firm ISG. ‘To address this challenge, companies must leverage traditional HR recruiting, hiring, and retention strategies, along with some non-traditional strategies, to address the ongoing demand."

READ MORE

Dark Reading
‍“Cybersecurity Jobs Remain Secure Despite Recession Fears”
‍February 16, 2023

“Cybersecurity professionals will likely weather an economic downturn better than most other workers, as corporate executives worry that a recession could bring an increase in cyberattacks and acknowledge the difficulty in hiring knowledgeable workers, according to a new study by (ISC)2, a cybersecurity certification group.

“The survey of 1,000 nontechnical C-level business leaders found that companies are more likely to cut employees in human resources, finance, and operations, and least likely to cut in cybersecurity, IT, and operations.

“The reasons are pretty clear: 87% of executives thought a reduction in their cybersecurity team would increase their business risk, and 80% believed that economic troubles will lead to more cyber threats.”

READ MORE

SME
‍“How SMEs can bridge the cybersecurity skills gap”
‍February 1, 2023

“It seems we’re finally starting to see signs of growth in digital skills materialising. According to the (ISC)² 2022 Cybersecurity Workforce Study, the size of the cybersecurity workforce reached an all-time high of 4.7 million in 2022. However, the very same report suggests that there was still a shortage of 3.4 million security professional last year, up 26% from the figures recorded in 2021.

“The crux of the problem is simple: Yes, the global cybersecurity workforce is growing, but so too is the gap in the number of professionals required to combat an ever-evolving threat landscape.”

READ MORE

The HR Director
‍“Narrow Talent Pools are Preventing Tech Diversity” 
‍January 23, 2023

“The ‘Diversity in Tech*’ report has revealed that 85% of businesses currently have trouble sourcing a diverse range of tech talent, with 55% stating that they struggle to recruit entry level tech employees from underrepresented groups in particular compared with 28% for mid-level positions and 17% for senior roles.

“However, the research also showed that many businesses are still recruiting entry level talent from a very narrow pool. Of those businesses surveyed, 21% said that they exclusively hire graduates from top universities, and a further 39% said that they are more likely to hire graduates from those institutions. Only 28% said that they consider applications from all universities equally, with even fewer (8%) stating that they consider all types of higher education qualifications.”

READ MORE 

MIT Sloan Management Review
‍“An Action Plan for Cyber Resilience”
‍January 4, 2023

“The NotPetya malware attack of 2017 encrypted the systems and disrupted the operations of global businesses, starting in Ukraine and spreading rapidly to over 60 countries around the world. Global shipping company Maersk, one of the worst hit, ultimately needed to rebuild its entire IT infrastructure. In the nine days it took to get its systems back online, the company struggled to continue operations using manual workarounds that teams came up with on the fly. In the end, the incident cost Maersk nearly $300 million…

“Given that it’s impossible to protect against all new cyberattacks, it has become critical for companies to reduce the impact of cyber breaches by focusing on cyber resilience. Cyber resilience requires a systematic, structured, adaptive approach and cannot be relegated to the office of the CIO or chief information security officer. Because it potentially involves all parts of the business, it must be led by the C-suite and board.”

READ MORE

Allianz
‍“Allianz Risk Barometer: Identifying the major business risks for 2023”
‍January 2023

“The 12th Allianz Risk Barometer incorporates the views of 2,712 respondents from 94 countries and territories. The annual corporate risk survey was conducted among Allianz customers (businessesaround the globe), brokers and industry trade organizations. It also surveyed risk consultants, underwriters, senior managers, claims experts, as well as other risk management professionals in the corporate insurance segment of both AGCS and other Allianz entities.” 

‍READ MORE