Page 1

REVERSING THE

CYBER SECURITY SKILLS GAP

A Learning Tree eBook


TODAY’S

CYBER SECURITY

THREAT LANDSCAPE


Malicious actors show no signs of slowing, as the quantity and severity of cybercrimes continue to rise year over year. The United States is again a prime target for cybercriminals, with the average cost of a cybercrime reaching nearly $30 million. The United Kingdom saw the biggest increase in average cybercrime cost, jumping 31% from $8.7 million to over $11 million.

TOP 5 COUNTRIES – Average Annual Cost Of Cybercrime

Organizations in the banking, utilities, and software industries still have the most to lose when it comes to costly cyber threats, but the automotive industry and U.S. Federal governments have seen the largest increase in average annual cost of cybercrime.

The Average Annual Cost Of Cybercrime By Industry

$5.2Trillion

Globally, organizations are on track to lose $5.2 trillion to cybercrime over the next 5 years.

Sources: https://securityboulevard.com/2019/10/what-is-the-cost-of-cybercrimes-attacks/ https://www.accenture.com/us-en/insights/security/cost-cybercrime-study


WHAT IS CAUSING THE CYBER SKILLS GAP? Despite efforts to increase cyber security job training, hiring hasn’t kept pace with the demand for trained cyber security professionals — and thus, the cyber skills gap continues to grow. Though the number of graduates in the cyber security field has risen 40% in the last four years, the ratio of employed cyber security workers to job openings hasn’t changed.

1. An Industry-Agnostic Issue

Once upon a time, cyber security professionals were needed mostly in government and defense entities. Today, every organization in every industry needs cyber security expertise to keep their networks and data secure. Since 2013, there has been a 94% increase in cyber security job postings — growth almost three times faster than all other IT job postings. Cyber security job roles also take 20% longer to fill than other IT job postings.

1.8 Million The projected number of unfilled

2. Certifications & Experience

The industry requires a rigorous background for cyber security professionals, making it harder for professionals to break into the cyber security field and causing positions to go unfilled. •8  6% of cyber job posting require a college degree and at three years of experience •2  4% require graduate-level education credentials •5  9% of cyber job postings require at least one industry certification (only 20% of IT job posting require a certification)

3. Skills Falling Behind

Even cyber security professionals within a job role are finding it difficult to keep pace with the shifting and growing skillsets necessary to succeed in cyber security. 93% of cyber security professionals indicate it’s critical that they keep their skills fresh, but two-thirds say their daily duties make it impossible for them to do so.

How is the skills gap affecting organizations?

cyber security jobs by 2022.

74% of organizations are negatively impacted by the cyber security skills shortage.

85% of organizations say their cyber security team is currently understaffed.

Sources: Tripwire Skills Gap Survey 2019 https://www.burning-glass.com/research-project/cybersecurity/ https://www.darkreading.com/careers-and-people/more-supply-more-demand-cybersecurity-skills-gap-remains/d/d-id/1335071


CURRENT CYBER SECURITY WORKFORCE LANDSCAPE According to CyberSeek.org, there are 313,000 unfilled cyber security positions in the United States alone. Globally, (ISC)2 estimates the number of unfilled cyber security positions to number just under 3 million.

Though foundation level security certifications like CompTIA’s Security+, have saturated the job market, demand for more specialized certifications like ISACA’s CISA and CISM certifications are outpacing certification holders.

Top cyber security job titles include cyber security engineer, cyber security analyst, vulnerability analyst, and penetration tester.

Sources: https://www.cyberseek.org/heatmap.html https://blog.isc2.org/isc2_blog/2018/10/cybersecurity-skills-shortage-soars-nearing-3-million.html


TODAY’S FASTEST-GROWING CYBER JOB ROLES As the threat landscape shifts, so do the skills needed to combat tomorrow’s critical threats. Today’s fastest-growing cyber job roles are a nod to the need to get ahead of threats, both at the ground level and executive levels of an organization.

Automation Skills

Outpacing demand for all other cyber-related skillsets is the need for automation experts. Automation can be key to defending cyber vulnerabilities with understaffed cyber security teams. In a recent Ponemon Institute study, 79% of respondents said they are currently using or plan to use automation in their organization’s security efforts, but 56% of organizations report a lack of in-house expertise as their barrier to implementing automation improvements.

Growth Rate of Top Cyber-Related Job Roles Since 2013 350% 300% 250%

255%

200% 150%

140%

100%

Risk Management Skills

Risk management skills are critical for managers, executives, and the C-Suite to maintain a comprehensive, proactive, top-down cyber security strategy. Risk management and assessment are critical skills for organizational leaders in every industry, including knowledge of how to effectively use today’s leading risk management tools, such as the NIST Cybersecurity Framework and the Center for Internet Security (CIS) top 20 security controls. Source:

0%

Automation

IoT

Risk Management

Cyber Security (General)

Top In-Demand Skills Automation Python Perl Java Splunk

Microsoft PowerShell C++ Ruby

IoT Machine Learning & AI Automation Business Intelligence Information Security

UI/UX Design Mobile Development IP Networking

Risk Management Risk Assessment Internal Auditing COBIT Risk Management Frameworks (NIST)

https://www.redbytes.in/skills-to-become-an-iot-developer/ https://thenewstack.io/5-skills-you-need-to-master-to-start-a-successful-career-in-iot/ http://www.circleid.com/posts/20190626_demand_for_cybersecurity_workers_in_the_us_ has_nearly_doubled/ https://www.darkreading.com/threat-intelligence/the-cybersecurity-automation-paradox/d/d-id/1334470https://www.techrepublic.com/article/kaspersky-honeypots-find-105-millionattacks-on-iot-devices-in-first-half-of-2019/

Learn More at: LearningTree.com/SecureIT

94%

50%

Internet of Things (IoT) Skills

The number of IoT-enabled devices has risen to 35 billion — a number expected to skyrocket to 70 billion by 2025. At the same time, attacks on these devices are unrelenting. Kaspersky found 105 million attacks on IoT devices during the first half of 2019 — nine times more than same period in 2018. As the prevalence of these devices continues to increase, the need for professionals with the skills to secure them will continue to grow.

133%

Information Assurance Audit Planning External Auditing


WHAT CAN IT AND CYBER SECURITY PROFESSIONALS DO TO CLOSE THE CYBER SKILLS GAP? Get on a Path to Cyber Success

Cyber security professionals perform highly-specialized tasks, and it’s critical to get on a cyber security professional development path that both makes sense for your personal professional goals, while also aligning to the needs of the workforce. By aligning your career progression to trusted cyber workforce frameworks, you ensure you’re speaking the same language as the industry and can easily find your path to success.

Interactive Cyber Security Learning Paths

Learning Tree offers over 30 interactive cyber security learning paths aligned to the NICE Framework and NIST Risk Management Framework job roles, making it easy to chart your path to success through blended training and certifications to demonstrate your skills and abilities.

LEARNING TREE’S

INTERACTIVE LEARNING PATH TOOL Training aligned with the NICE Framework

Explore INTERACTIVE Cyber Security Learning Paths


WHAT CAN EXECUTIVES AND LEADERS DO TO CLOSE THE CYBER SKILLS GAP? Attract and Keep Cyber Talent

Today’s organizational leaders need to make attracting and keeping top cyber security talent a priority in their organizations. This is more than about having an enticing onboarding package for cyber professionals — it’s about keeping the professionals you do have and expanding their skillsets to keep pace with technology (and threat) advances year over year. One easy way to do this is by aligning your cyber workforce to a trusted framework, like the NICE Cybersecurity Framework.

Interactive Cyber Security Learning Paths

Learning Tree offers over 30 interactive cyber security learning paths aligned to the NICE Framework and NIST Risk Management Framework job roles, to keep your cyber security workforce skilled and ready to defend.

Explore Interactive Cyber Security Learning Paths

Learn More at: LearningTree.com/SecureIT

Get Up to Speed on Risk Management

Frontline workers aren’t the only ones lacking critical skills. An effective, proactive cyber security strategy comes from the top, and today’s managers and leaders need to understand and embrace their role in cyber security risk management efforts. From tools like the NIST Cybersecurity Framework to the Center for Internet Security (CIS) top 20 security controls, organizational leaders, leaders will need to keep their skills up to date just like frontline IT and security workers if they have any hope to combat tomorrow’s cyber threats.

On-Demand Webinar: Risk Management Tools to Support Cyber Security

In this on-demand webinar, Learning Tree CEO Richard A. Spires discusses tools that can help organizational leaders support cyber security, such as the NIST Cybersecurity Framework and the Center for Internet Security (CIS) top 20 security controls.

Watch the Webinar


High-Performance Training & Implementation Solutions From Learning Tree Technology Brands Adobe

IBM

Oracle

SAP

AWS

Lean Six Sigma

Red Hat

VMware

Cisco

Microsoft

Salesforce

IT & Management Training Topics Agile & Scrum

Cyber Security

Linux & UNIX

Power BI

Apple Programming

DevOps

Project Management

Azure

FAC P/PM

Microsoft Cloud Workshops

Big Data & Data Science

ITIL

Microsoft Dynamics 365

SharePoint

ITSM Certification Training

Microsoft Office

Software Development

Java Programming

Mobile App Development

SQL Server

Leadership & Professional Development

.NET / Visual Studio

Web Development

Networking & Virtualization

Windows Training

Business Analysis Business Intelligence Cloud Computing

US1908 MS

Communication Skills

®

Python, Perl & C++

Honored In Serving 60,000+ Organizations

500+ Expert Instructors – Real-World Practitioners

Demonstrated Past Performance

For 45 years, Learning Tree has been a trusted partner for the world’s largest corporations in Financial Services, Healthcare, all levels of Government, Professional Services, Manufacturing, Education and Non-Profits.

Serving our global footprint and averaging 15+ years of real-world consulting experience to deliver real-world results

Offering end-to-end capabilities resulting in improved organizational performance – Workforce Development

LearningTree.com 1-800-THE-TREE (843-8733)

ITIL® is a registered trade mark of AXELOS Limited. COBIT® is a registered trademark of Information Systems Audit and Control Association® (ISACA®).

Profile for LearningTree International

Reversing the Cyber Security Skills Gap  

Reversing the Cyber Security Skills Gap