The cybersecurity skills gap shows no signs of going away. With the workforce being more distributed than ever before as a result of the COVID-19 pandemic, millions of workers around the world will continue to depend on remote access for months — or even years — after economies begin reopening.
More than ever before, organizations need to be creative and look to new solutions to address the cybersecurity skills gap. That means expanding talent searches and diversity efforts while also encouraging re-skilling among existing staff.
A recent survey by Fortinet found that 68 percent of responding organizations reported they struggled with recruiting, hiring and retaining cybersecurity talent. That's more than two-thirds of organizations finding it difficult to staff for a critical aspect of their business. That same survey found that certifications can help bridge that gap.
The gap persists
The industry has been sounding the alarm over the cybersecurity skills gap for years, but the problem still remains, with significant consequences. The Fortinet survey also revealed that 73 percent of organizations had at least one intrusion over the past year that can be partially attributed to a gap in cybersecurity skills; 47 percent had three or more.
Cloud security skills are particularly in demand — not surprising as more organizations shift to cloud infrastructure. When asked about the job that is hardest to fill, respondents most commonly cited the role of cloud security architect.
Technology-focused certification can help bridge the gap
Organizational leaders have to look to new approaches beyond the traditional talent pools in order to find the people with the skills they need to keep their networks safe in today's cybersecurity landscape. Technology-focused certifications are well suited as tools to validate the knowledge and skills of potential resources in a wide range of non-traditional recruitment strategies.
Certifications are also a great tool for enabling workers in other professions to add to their skillsets relatively quickly, providing opportunities to transition into careers in cybersecurity. When it comes to the value that security professionals place in the certifications they hold, there is no ambiguity. An astounding 94 percent of respondents believe that their certifications have better prepared them for their current role.
In terms of hiring and recruitment decisions, 82 percent of organizations prefer to hire candidates with certifications — citing them as validation of the candidate's cybersecurity awareness and knowledge.
In the rapidly changing field of cybersecurity, the specific information gained during collegiate studies can often become obsolete after only a few years. Certifications can complement academic studies enabling professionals to update their knowledge and skills every time they renew their certification.
In fact, a growing number of students are starting to pursue technology-focused certification before leaving high school, many of them entering the workforce directly after graduation.
Placing a greater emphasis and weight on certifications also enables companies to focus recruitment efforts on a much wider talent pool. This enlarged hiring base includes groups such as degreed professionals in other fields, IT professionals without a college degree, military veterans transitioning to civilian careers, and many more.
As mentioned above, organizations need to look beyond traditional recruitment strategies to close the skills gap. Military veterans, for example, offer a lot of untapped potential for organizations.
In the United States alone, more than 250,000 service members will leave active duty every year for the next several years. Each of these men and women will have an average of 15 years of specialized experience under their belts.
Organizations are starting to take advantage of this sector of the workforce. Among U.S. respondents to the Fortinet survey, 57 percent indicated that their cybersecurity team had hired at least one veteran. In fact, nearly half (49 percent) of U.S. respondents report that their organizations have a focused hiring program targeting veterans
Organizations that are actively recruiting veterans have benefited from a team with diverse perspectives and skill sets that complement a career in cybersecurity. Asked about positive attributes of their veteran colleagues, more than 40 percent of respondents cited their work ethic, their attention to detail and their ability to work in fast-paced, high-stress environments.
In narrative questions, respondents noted several other qualities in their veteran colleagues, including discipline, decision-making abilities, and a no-quit attitude. The data also found that veterans' starting roles at respondents' organizations covered a variety of job titles, but nearly half of them (45 percent) started their civilian careers as security administrators or SOC specialists.
The data is clear that cybersecurity leaders value the veterans who work in their organizations. It is also clear, however, that with a more deliberate effort at the corporate level, organizations could benefit further from the broad and deep skill sets of veterans — making another dent in the cybersecurity skills shortage.
Master the possibilities
As technology continues to advance, the cybersecurity skills gap continues to widen. It's a problem that multiplies with each innovation, such that traditional methods of training and recruitment alone cannot bridge the gap.
A new approach is needed, one that values the possibilities of untapped resources, such as veterans, and leverages technology certifications. Incorporating these factors will help organizations cast a wider net for recruitment while accelerating learning opportunities and ensuring that skills stay current and relevant — resulting in fully staffed effective cybersecurity departments.