So, we are currently looking at a world stage led, to all intents and purposes, by a figurehead who is more than a little questionable in his views and policies regarding the socioeconomic and political climate in the US. Well, what does that mean for cybersecurity?
The rise and rise of cybersecurity is a true enough perspective on the increasing demand and growth of this area of information security. Where there is no doubt is in its global necessity, however with a worrying lack of the right people collecting the right skills to jump on board the cyber defence force, the issue at hand is how we move forward to rectify this disproportionate scenario.
In the US in particular, the number of cyberattacks infiltrating the country’s infrastructure points to critical vulnerabilities with their current information security strategies, which is why – amid his interesting viewpoints on immigration and the like – it is imperative that Trump affords considerable and serious attention to forging a solid path for the future of cybersecurity roles.
From the political perspective to the practical, for candidates contemplating a future in the cybersecurity field, something the majority of employers and businesses would welcome given the skills shortage; acquiring skills in key areas such as security analysis, application security and cloud computing would put them at a great advantage as far as job opportunities. At the entry-level end of the job spectrum, for roles including information security analyst, more university and college leavers are needed than the current state of play. Those graduates coming onto the market are only filling a relative handful of the cybersecurity roles available. Representing an important asset in the cybersecurity function, these lower-end positions entail the necessary monitoring of information to unearth abnormalities and alerts that indicate a possible cyber threat.
At the more experienced end of the scale, it is the mid-level to senior cybersecurity specialist positions that companies are having the greatest trouble with filling. Advice to companies intent on retaining or recruiting people to their cyber defence teams is to provide the relevant training to ensure their cybersecurity analysts and information security analysts are able to stay ahead of increasingly dangerous threats. Together with the effective management of time, delegation and career progression, the outcome will yield a stronger, more capable information / cybersecurity force.
In a recent report, published by ESG/ISSA, 371 cybersecurity professionals were quizzed on the key areas where organisations they worked for had the most critical skills deficits. The majority of respondents pinpointed the need for security analysis and investigations skills, a set of expertise that take years to develop and thus prompt companies to entice the more experienced cybersecurity professionals away from their existing positions. Additionally at the senior end, the shortage of security engineers is concerning for organisations that need these individuals to apply their deep security technology and engineering knowledge to optimising businesses for the digital age.
Application security skills was the second biggest area for talent shortage and as one of the most important areas of Infosec, what with the rise of the smart-everything as the world becomes increasingly digitised, this is a skillset that demands the right people to adequately prep themselves for a job in Cybersecurity.
Meanwhile, the move from desktop to public and private cloud infrastructure indicates that opportunities are only set to grow for those with cloud security expertise, and they come with pretty impressive salaries too. Penetration or pen testers too are in demand.
So, will the Trump administration acknowledge the need to thrash out practical strategies for reducing the talent deficit in order to fill the million or so cybersecurity jobs currently lying about the marketplace? Only time will tell.