The (ISC)2 association of cybersecurity professionals estimates there are now 4.7 million cybersecurity professionals being employed around the world, making for an 11.1 percent increase year-over-year for a total of more than 464,000 additional jobs.
At the same time, (ISC)2 in its 2022 report estimates demand for cybersecurity expertise continues to far outweigh the available supply. The gap in terms of an estimated 3.4 million additional cybersecurity positions needed grew 26.2 percent year-over-year, according to (ISC)2.
More businesses relying on external cybersecurity providers
A global survey of 11,779 of practitioners and decision-makers conducted by (ISC)2 also finds 43 percent of respondents reporting their organization can’t find enough qualified cybersecurity talent. As a result, just under half of respondents (48 percent) said their organizations will outsource more responsibility for cybersecurity to external service providers. A full 70 percent that work for organizations that have current staffing shortages identified relying more on outsourcing as the top approach to being employed to prevent or mitigate cybersecurity staffing shortages.
It’s also worth noting that, however, more respondents overall identified more flexible working conditions (64 percent), training (64 percent), hiring (62 percent) certifications (58 percent) investments in diversity (57 percent), automation (57 percent) and hiring for aptitude (50 percent) than those who identified outsourcing as means of preventing or mitigating staff shortages.
Internal and External rivalries can thwart collaboration
It’s clear that while a lot of progress may have been made in terms of narrowing the divide between internal and external cybersecurity teams there’s still a lot of work to be done. The trouble is too many cybersecurity professionals still tend to view their colleagues working for external service providers to be potential rivals. That cultural divide, however, is not in the best interests of anyone involved when considered against the scope of the collective threat faced. In fact, cybercriminals seem to have no issue with collaborating with one another to achieve their aims.
Rivalries between entities that should be allies is nothing new. One only needs to look toward law enforcement agencies to see how much reluctance there is to share information. Cybersecurity professionals often fall victim to the same rivalries. Of course, the senior managers that lead various cybersecurity teams are often complicit. Every leader to some degree would prefer it be their team that gets credit for thwarting an attack if for no other reason than making a stronger case of additional budget.
MSPs play an important role in fostering teamwork
Alas, the onus for keeping working relationships as smooth as possible usually falls to the managed services provider. More than a few MSPs have even gone so far as to let the internal team take the lion’s share of any credit in the name of fostering goodwill. After all, an enemy’s enemy is still a friend. It’s important to remember who the real adversaries really are. Nor is it likely that the need for additional cybersecurity expertise no matter what measure are taken is going to decline any time soon. MSPs at least to a point can afford to be more magnanimous when it comes to not taking credit but also the blame for when things don’t go as planned.
The best situation, naturally, is for everyone involved to appreciate the simple fact they are all working on the same team. When that goal is achieved many things that would otherwise be too difficult to accomplish suddenly seem quite possible. The challenge is, as always, gently reminding any team of cybersecurity professionals that take a lot of pride in their work to remember to check their egos at the customer’s door.
Photo: LeoWolfert / Shutterstock
