Among the many difficult issues facing the global cybersecurity industry, a worldwide talent gap continues to cause serious concern. With ransomware and other attacks rising and data breaches becoming more prevalent, organizations are also grappling with a chronic skills shortage that makes finding the right talent increasingly challenging.
But how serious is the problem? According to (ISC)2, a non-profit organization focusing on cybersecurity training and certification, there is a staggering global cybersecurity workforce gap of 3.1 million professionals. Elsewhere, Cybersecurity Ventures puts the total even higher at 3.5 million – up by 350% from one million openings in 2013. In the US alone, the Cyber Seek heat map currently shows over 755,000 cybersecurity job openings compared to a total employed industry workforce of just over 1.1 million.
One particularly worrying trend comes from those at the most senior levels of today’s cybersecurity teams – the CISOs. A report published late last year by BlackFog revealed that 32% of CISOs or IT Cybersecurity Leaders in the UK and US are contemplating leaving their current organization. At the time of publication, a third of the CISO respondents said they would do so within the next six months.
This alarming rate of attrition is likely to intensify the demand for cybersecurity talent, with these senior roles among the most hard-to-fill vacancies across the industry ecosystem. According to the report, these professionals often express frustrations regarding the lack of work-life balance and the reactive nature of their roles, where they spend too much time firefighting rather than focusing on strategic issues.
Whichever you look at it, therefore, the situation is extremely worrying. What’s more, organizations are not just facing competition to secure cybersecurity talent anymore. The rise of ransomware-as-a-service (RaaS) has created a whole new marketplace, with cybercrime groups aggressively recruiting, leading to an unusual situation where commercial enterprises are considering a talent pool of reformed hackers to strengthen their cybersecurity teams.
Harnessing Technology to Help Close the Talent Gap
Given this situation, how can organizations respond? One of the most practical and effective ways to address the current labor shortage, beyond getting creative with hiring, is to ensure that organisations have the correct products to protect their systems and data, together with automating more menial tasks for their security analysts and leadership. By doing so, they can put themselves in a much better position to spend their time focusing on stopping digital adversaries. But to get there, companies must be proactive in both their recruitment and building out their cybersecurity infrastructure.
For example, organisations everywhere are faced with the major risks presented by malware and ransomware, with 95% of ransomware files delivered as Windows-based executables. This is because Windows is the most widely used operating system in the business environment, making it a frequent target for hackers. Part of the problem in responding to these risks is that today’s antivirus and phishing filters lack the capability to remove malicious hyperlinks and other active content within everyday Windows-compatible files.
In contrast, Glasswall CDR (Content Disarm and Reconstruction) doesn’t rely on the detection of ‘known’ threats – it works by proactively looking for ‘known good’. The Glasswall CDR Platform inspects, cleans and rebuilds each file – automatically removing potential threats and delivering a secure, visually-identical version. This all happens in real-time, so users won’t even notice Glasswall is providing protection against completely new attack types.
Glasswall’s CDR engine protects its users from file-based zero-day malware by an average of 18 days before conventional AVs and detection systems. Only safe, clean, and fully functioning files enter and leave an organization, allowing users to access them with full confidence. In an environment where skills shortages are putting organizations at risk, this kind of proactive protection against file-based threats has become more crucial than ever.
To read more about how Glasswall protects against file-based threats, click here.