CYBER SECURITY SKILLS GAP
A Learning Tree eBook
Malicious actors show no signs of slowing, as the quantity and severity of cybercrimes continue to rise year over year. The United States is again a prime target for cybercriminals, with the average cost of a cybercrime reaching nearly $30 million. The United Kingdom saw the biggest increase in average cybercrime cost, jumping 31% from $8.7 million to over $11 million.
TOP 5 COUNTRIES â€“ Average Annual Cost Of Cybercrime
Organizations in the banking, utilities, and software industries still have the most to lose when it comes to costly cyber threats, but the automotive industry and U.S. Federal governments have seen the largest increase in average annual cost of cybercrime.
The Average Annual Cost Of Cybercrime By Industry
Globally, organizations are on track to lose $5.2 trillion to cybercrime over the next 5 years.
Sources: https://securityboulevard.com/2019/10/what-is-the-cost-of-cybercrimes-attacks/ https://www.accenture.com/us-en/insights/security/cost-cybercrime-study
WHAT IS CAUSING THE CYBER SKILLS GAP? Despite efforts to increase cyber security job training, hiring hasn’t kept pace with the demand for trained cyber security professionals — and thus, the cyber skills gap continues to grow. Though the number of graduates in the cyber security field has risen 40% in the last four years, the ratio of employed cyber security workers to job openings hasn’t changed.
1. An Industry-Agnostic Issue
Once upon a time, cyber security professionals were needed mostly in government and defense entities. Today, every organization in every industry needs cyber security expertise to keep their networks and data secure. Since 2013, there has been a 94% increase in cyber security job postings — growth almost three times faster than all other IT job postings. Cyber security job roles also take 20% longer to fill than other IT job postings.
1.8 Million The projected number of unfilled
2. Certifications & Experience
The industry requires a rigorous background for cyber security professionals, making it harder for professionals to break into the cyber security field and causing positions to go unfilled. •8 6% of cyber job posting require a college degree and at three years of experience •2 4% require graduate-level education credentials •5 9% of cyber job postings require at least one industry certification (only 20% of IT job posting require a certification)
3. Skills Falling Behind
Even cyber security professionals within a job role are finding it difficult to keep pace with the shifting and growing skillsets necessary to succeed in cyber security. 93% of cyber security professionals indicate it’s critical that they keep their skills fresh, but two-thirds say their daily duties make it impossible for them to do so.
How is the skills gap affecting organizations?
cyber security jobs by 2022.
74% of organizations are negatively impacted by the cyber security skills shortage.
85% of organizations say their cyber security team is currently understaffed.
Sources: Tripwire Skills Gap Survey 2019 https://www.burning-glass.com/research-project/cybersecurity/ https://www.darkreading.com/careers-and-people/more-supply-more-demand-cybersecurity-skills-gap-remains/d/d-id/1335071
CURRENT CYBER SECURITY WORKFORCE LANDSCAPE According to CyberSeek.org, there are 313,000 unfilled cyber security positions in the United States alone. Globally, (ISC)2 estimates the number of unfilled cyber security positions to number just under 3 million.
Though foundation level security certifications like CompTIAâ€™s Security+, have saturated the job market, demand for more specialized certifications like ISACAâ€™s CISA and CISM certifications are outpacing certification holders.
Top cyber security job titles include cyber security engineer, cyber security analyst, vulnerability analyst, and penetration tester.
Sources: https://www.cyberseek.org/heatmap.html https://blog.isc2.org/isc2_blog/2018/10/cybersecurity-skills-shortage-soars-nearing-3-million.html
TODAY’S FASTEST-GROWING CYBER JOB ROLES As the threat landscape shifts, so do the skills needed to combat tomorrow’s critical threats. Today’s fastest-growing cyber job roles are a nod to the need to get ahead of threats, both at the ground level and executive levels of an organization.
Outpacing demand for all other cyber-related skillsets is the need for automation experts. Automation can be key to defending cyber vulnerabilities with understaffed cyber security teams. In a recent Ponemon Institute study, 79% of respondents said they are currently using or plan to use automation in their organization’s security efforts, but 56% of organizations report a lack of in-house expertise as their barrier to implementing automation improvements.
Growth Rate of Top Cyber-Related Job Roles Since 2013 350% 300% 250%
Risk Management Skills
Risk management skills are critical for managers, executives, and the C-Suite to maintain a comprehensive, proactive, top-down cyber security strategy. Risk management and assessment are critical skills for organizational leaders in every industry, including knowledge of how to effectively use today’s leading risk management tools, such as the NIST Cybersecurity Framework and the Center for Internet Security (CIS) top 20 security controls. Source:
Cyber Security (General)
Top In-Demand Skills Automation Python Perl Java Splunk
Microsoft PowerShell C++ Ruby
IoT Machine Learning & AI Automation Business Intelligence Information Security
UI/UX Design Mobile Development IP Networking
Risk Management Risk Assessment Internal Auditing COBIT Risk Management Frameworks (NIST)
https://www.redbytes.in/skills-to-become-an-iot-developer/ https://thenewstack.io/5-skills-you-need-to-master-to-start-a-successful-career-in-iot/ http://www.circleid.com/posts/20190626_demand_for_cybersecurity_workers_in_the_us_ has_nearly_doubled/ https://www.darkreading.com/threat-intelligence/the-cybersecurity-automation-paradox/d/d-id/1334470https://www.techrepublic.com/article/kaspersky-honeypots-find-105-millionattacks-on-iot-devices-in-first-half-of-2019/
Learn More at: LearningTree.com/SecureIT
Internet of Things (IoT) Skills
The number of IoT-enabled devices has risen to 35 billion — a number expected to skyrocket to 70 billion by 2025. At the same time, attacks on these devices are unrelenting. Kaspersky found 105 million attacks on IoT devices during the first half of 2019 — nine times more than same period in 2018. As the prevalence of these devices continues to increase, the need for professionals with the skills to secure them will continue to grow.
Information Assurance Audit Planning External Auditing
WHAT CAN IT AND CYBER SECURITY PROFESSIONALS DO TO CLOSE THE CYBER SKILLS GAP? Get on a Path to Cyber Success
Cyber security professionals perform highly-specialized tasks, and it’s critical to get on a cyber security professional development path that both makes sense for your personal professional goals, while also aligning to the needs of the workforce. By aligning your career progression to trusted cyber workforce frameworks, you ensure you’re speaking the same language as the industry and can easily find your path to success.
Interactive Cyber Security Learning Paths
Learning Tree offers over 30 interactive cyber security learning paths aligned to the NICE Framework and NIST Risk Management Framework job roles, making it easy to chart your path to success through blended training and certifications to demonstrate your skills and abilities.
INTERACTIVE LEARNING PATH TOOL Training aligned with the NICE Framework
Explore INTERACTIVE Cyber Security Learning Paths
WHAT CAN EXECUTIVES AND LEADERS DO TO CLOSE THE CYBER SKILLS GAP? Attract and Keep Cyber Talent
Today’s organizational leaders need to make attracting and keeping top cyber security talent a priority in their organizations. This is more than about having an enticing onboarding package for cyber professionals — it’s about keeping the professionals you do have and expanding their skillsets to keep pace with technology (and threat) advances year over year. One easy way to do this is by aligning your cyber workforce to a trusted framework, like the NICE Cybersecurity Framework.
Interactive Cyber Security Learning Paths
Learning Tree offers over 30 interactive cyber security learning paths aligned to the NICE Framework and NIST Risk Management Framework job roles, to keep your cyber security workforce skilled and ready to defend.
Explore Interactive Cyber Security Learning Paths
Learn More at: LearningTree.com/SecureIT
Get Up to Speed on Risk Management
Frontline workers aren’t the only ones lacking critical skills. An effective, proactive cyber security strategy comes from the top, and today’s managers and leaders need to understand and embrace their role in cyber security risk management efforts. From tools like the NIST Cybersecurity Framework to the Center for Internet Security (CIS) top 20 security controls, organizational leaders, leaders will need to keep their skills up to date just like frontline IT and security workers if they have any hope to combat tomorrow’s cyber threats.
On-Demand Webinar: Risk Management Tools to Support Cyber Security
In this on-demand webinar, Learning Tree CEO Richard A. Spires discusses tools that can help organizational leaders support cyber security, such as the NIST Cybersecurity Framework and the Center for Internet Security (CIS) top 20 security controls.
Watch the Webinar
High-Performance Training & Implementation Solutions From Learning Tree Technology Brands Adobe
Lean Six Sigma
IT & Management Training Topics Agile & Scrum
Linux & UNIX
Microsoft Cloud Workshops
Big Data & Data Science
Microsoft Dynamics 365
ITSM Certification Training
Mobile App Development
Leadership & Professional Development
.NET / Visual Studio
Networking & Virtualization
Business Analysis Business Intelligence Cloud Computing
Python, Perl & C++
Honored In Serving 60,000+ Organizations
500+ Expert Instructors – Real-World Practitioners
Demonstrated Past Performance
For 45 years, Learning Tree has been a trusted partner for the world’s largest corporations in Financial Services, Healthcare, all levels of Government, Professional Services, Manufacturing, Education and Non-Profits.
Serving our global footprint and averaging 15+ years of real-world consulting experience to deliver real-world results
Offering end-to-end capabilities resulting in improved organizational performance – Workforce Development
LearningTree.com 1-800-THE-TREE (843-8733)
ITIL® is a registered trade mark of AXELOS Limited. COBIT® is a registered trademark of Information Systems Audit and Control Association® (ISACA®).