A new study that was recently released by (ISC)2 , organizations that have made a strong investment in cybersecurity technology are better able to retain the talent they need to protect against both the internal and external threats.
The study, Building a Resilient Cybersecurity Culture, that surveyed around 250 organizations, that represents a range of sizes. The prerequisite was that those companies had built a strong cybersecurity track record. Rather than focused on the skill gap from the negative, the study had identified the solutions to the workforce gap from companies that report that they have “all the cybersecurity experts that they need to be successful.”
Those surveyed participants were full time employees and were responsible for cybersecurity. Of the 250 participants, 84% of which work at companies with more than 100 employees, while 16% work at companies with fewer than 100 employees.
Only around 18% of those participants said they do worry about losing the member of their security staff, yet 99% of which have said that they influence or decision-making authority to hire and evaluate the IT professionals.
“Respondents in the survey worry less about losing the cybersecurity employees than actual threats, an indication that having competent, experienced people in place allow them to focus on what important – protecting the organization. Hence, 57% say their biggest concern is the constant evolution of threats they face, and of course 43% of which say it’s the determination of threats actors,” the report said.
The top management who understand the importance of cybersecurity team to be successful in security staffing team, as the study has shown that the strong culture begets professionals who hold the certifications. Well, around 70% of the participants said that they give high priority to those who are certified security professionals.
“One of the challenging things for growing organizations is aligning their job descriptions with both what the market can provide as well as the security org their trying to build is inside,” said Dr. Bret Fund, the founder and CEO at SecureSet. “This may sound much simpler than it really is, but it can be a real challenge to the organizations.”
“As organizations look to security educators, standards bodies and certification providers, having a sense of how their organizations align with some of the best practices of industries is going to be vital.”
The part of strengthening the security teams that do include offering the training and the certifications facilities to their employees as well as the cross-training on cybersecurity skills and the responsibilities. “The (ISC)2 report is a good example of the growing awareness of a strategic gap in the cybersecurity training in the US,” said Brajesh Goyal, vice president of engineering at Cavirin.
“If you go back to the end of WW2, there was a call for additional engineering training, [We’re experiencing the] same thing [now], and in fact the just-released ‘National Cyber Strategy’ document called out the need for additional training, both for the US government and for the commercial sector. These actions trickle down to proposed initiatives like a cyber Peace Corps or even the new Girl Scouts cybersecurity badge.”