This report delves into cybersecurity skills challenges through five lenses: business leaders’ priorities, the threat landscape, cybersecurity strategies, the value of certifications, and hiring from diverse talent pools. The findings are based on responses obtained from online interviews and an email survey carried out in January 2024 involving 1850 IT and cybersecurity decision-makers in 29 countries.
51% of respondents say that directors or executives have faced fines, jail time, loss of position, or loss of employment following a cyberattack. 97% of respondents say cybersecurity is regarded as a business priority by their boards. 87% of organizations say they have experienced one or more security breaches in 2023, half of them reporting over $1 million in lost revenues, fines, and other expenses, while average time to recover was nearly three (2.7) months. 80% expect cyberattacks to increase over the next year.
Better trained, more knowledgeable, and highly skilled IT/security professionals are essential to protecting executives and board members from being penalized for breaches. A security-aware staff provides critical frontline defenses. The more corporate leaders are held accountable, the more cybersecurity will be seen as “everyone’s responsibility”. Investing in certifications, ensuring certifications remain current, and recruiting from diverse and nontraditional talent pools will help close skills gaps. Organizations are sometimes restricting their access to skilled, ready-to-develop cybersecurity talent by being too rigid in their requirement of foundational credentials.
Main takeaway is that effective cybersecurity requires a three-pronged approach:
1. Help IT and security teams obtain vital cybersecurity skills by investing in the training and certifications required to achieve this goal – 91% of leaders prefer to hire candidates with certifications.
2. Cultivate a cyber-aware frontline staff who can contribute to security as a first line of defense.
3. Obtain and use effective cybersecurity solutions, to ensure a strong security posture
Source: European Digital Skills & Jobs Platform