Share This:

Cybersecurity Skills GapCybersecurity threats are growing in frequency and sophistication, and organizations industrywide are grappling with a critical shortage of skilled cybersecurity professionals to defend against them. A World Economic Forum report reveals that the cybersecurity skills gap widened by 8 percent last year, leaving an estimated 4.8 million unfilled cybersecurity positions. Only 14 percent of survey respondents feel their organizations have the right cybersecurity expertise to mitigate these growing risks effectively.

The report also found that 67 percent of respondents reported a moderate to critical skills gap in cybersecurity, while 23 percent of organizations are now recruiting outside traditional cybersecurity degrees or credentials to get the needed help.

Meanwhile, industry organization ISC2 reports that the global cybersecurity workforce has remained largely stagnant at 5.5 million, against a rising demand of 10.2 million positions — an 8.1 percent increase from the previous year. This highlights a widening gap between the need for skilled professionals and the available workforce. In fact, over two-thirds of companies (67 percent) are facing some form of cybersecurity staffing shortage, with more than half of them acknowledging that these shortages pose significant risks to their organizations.

Skills shortage fuels cybersecurity incidents

NIST published an infographic of cybersecurity statistics, noting that Gartner predicts that by this year, lack of talent or human failure will be responsible for more than half of significant cybersecurity incidents.

ISC2 also found that while 66 percent of respondents reported being satisfied with their jobs, overall job satisfaction was down 4 percent. A whopping 90 percent of organizations reported skills gaps in their security teams. AI was listed as the biggest shortfall, followed by cloud computing, zero trust, incident response, application security and penetration testing.

According to the ISC2 report: “The static size of the cybersecurity workforce, accounting for regional variances, suggests that existing roles are not being lost amid cost-cutting to the same extent as in other areas, but at the very least it has canceled out any net new job growth. It also highlights the importance of creating job opportunities for the next generation of professionals to enter the workforce, alongside upskilling existing professionals with the right capabilities.”

While this staff shortage (or limits on hiring) affects managed service providers (MSPs) and customers alike, it does present new opportunities for MSPs willing to invest in automation and partner with solutions providers to help fill in some of these critical gaps.

MSPs with the right suite of remote monitoring and management solutions, email and cloud-based security tools, and 24/7 security operations center (SOC) capabilities can help customers address these shortages efficiently and cost-effectively by offering the ability to monitor, detect and respond to cyberattacks in real-time without putting an additional burden on internal staff.

MSPs can provide much-needed support, including managing patches and updates, providing ongoing security awareness resources, and offering cyberattack simulation services. They can also provide much-needed guidance and expertise around artificial intelligence (AI) and other new solutions their clients may be rolling out so that systems are deployed securely.

Beyond traditional hiring: Expanding the talent pool

However, MSPs are also facing a shortage of skilled employees and technicians, so finding solutions vendors that can help you fully support your entire client base is critical. XDR and SOC offerings can provide MSPs a way to create a comprehensive cybersecurity package for customers without spreading their internal resources too thin.

It’s also vital for MSPs to bolster their staffing to support clients by thinking creatively. The World Economic Forum and ISC2 recommended looking outside the universe of people with computer engineering degrees and taking a skills-first approach to finding new talent.

As ISC2 put it: “Hiring a diverse mix of people, from entry-level professionals to the most experienced, not only creates opportunities to bring the next generation into the workforce, it ensures cybersecurity job opportunities keep growing. This approach enables more hires within the available budget than hiring just the most experienced professionals alone. It creates a sustainable long-term pipeline for knowledge transfer from those experienced professionals to the next generation of cybersecurity professionals as they come into your organization.”

The cybersecurity labor shortage is an ongoing problem that MSPs can help address both by expanding their potential pool of employees and offering their clients automated and centralized cybersecurity solutions that help address these critical skills gaps.

This article was originally published at Channel Futures.

Photo: feriagashi / Shutterstock


Share This:
Geoff Thompson

Posted by Geoff Thompson

VP, Managed Services Strategy and Development, Barracuda Geoff Thompson currently serves as the vice president of managed services strategy and development at Barracuda. Prior to joining Barracuda, Thompson was with VMware for over 17 years, where he held several sales and leadership roles, culminating in vice president of VMware Cloud Provider sales.

All Posts

Leave a reply

Your email address will not be published. Required fields are marked *