March 29, 2017

Cybersecurity expertise: High demand and short supply

The importance of cybersecurity for today’s organizations cannot be underestimated. With the frequency and severity of recent data breaches, we have entered an unprecedented era. So it’s no secret that cybersecurity experts are are in extremely short supply. Put simply, there are more needs for cybersecurity professionals than there are people to fill these roles.

A Problematic Shortage

According to ESG research, 46% of organizations have indicated that they have a “problematic shortage” of cybersecurity skills in 2016, up from 28% in 2015. Cisco estimates there are more than 1 million unfilled security jobs worldwide. Of those who responded to the ESG survey, 33% said their biggest deficiency was cloud security specialists, followed by 28% who pointed to a deficiency with network security specialists, and 27% who have a shortage of security analysts.

What this means for modern decision-makers and IT engineers is that hiring from the outside can be an exercise in futility. Finding and onboarding new cybersecurity hires especially in a competitive market is expensive, but the alternative solution to searching for cybersecurity talent maybe closer than you think.

Why not retain your current staff? This strategy may hold the key to easing the staffing crunch and could be at a lower overall cost. The University of Pennsylvania’s Wharton School conducted a study in 2012 and found that external hires were paid 18% more money than internal hires, and overall their job performance was lower than those who progressed from within.

How Training Current Staff Will Make Your Organization More Secure

Many of your IT staff have already learned the ins and outs of your network, which ends up playing an extremely important role in their day-to-day responsibilities. Because of this vast knowledge of your networks and how they operate, your current IT staff have a distinct advantage when it comes to internalizing the principles of cyber attacks and applying them to your organization.

Thumbnail_Hacker

Security is no longer a one department endeavor – it affects networks, databases, applications, developers, etc. For example, network engineers who have been focused on routing and switching without proper security training could leave your organization vulnerable. Cybersecurity expertise requires one to “think like the bad guy” and take an artful approach to analysis and detective work.

Even employees who have operational responsibility need to understand how to identify and respond to attacks. John Pescatore, director of the SANS Institute, says network engineers can most benefit from three skill sets: penetration testing, understanding the role of DNS in security and network security forensics. Other in-demand skills include data analytics and cloud security. Building security into every aspect of your IT department to make your organization security-centric requires training at all levels.

Benefits of Training In-House Staff

There are a number of benefits that come along with training internally. These include:

  • Enhanced Cybersecurity: Once your entire team understands the finer points of cybersecurity, your network will be less vulnerable.
  • Improved Response: A security-centric organization is more likely to catch a breach in the early stages, and they can quickly respond and mitigate the damage.
  • Better Performance: When you offer employees advancement through training, you will increase job satisfaction and loyalty.
  • Reduced Costs: New hires can be significantly more costly in the long run than retraining current staff.

Arrow Education Services

Building fluency in security throughout your organization will ultimately enhance the overall safety of your network. Arrow Education Services is an expert provider of IT professional training programs that are delivered in a variety of ways to fit your employees’ schedules whether it’s on-site, online, self-paced or micro-learning courses.

Our wide range of subject matter expertise is the result of combining our in-house expertise with that of our large vendor network. Arrow Education Services is uniquely able to provide cross-functional training courses that will bring your cybersecurity skills up-to-date. Our leading-edge programs are nimble, cost-effective and available to meet the needs of today’s busy workforce. Call us today!

Contact Us

To learn more about Arrow Education Services, please contact us by phone at 888.305.1251 or email at arrow_learningsales@arrow.com.