One-third of organizations report experiencing a security breach, and 68% are not confident that they can protect against an advanced attack.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
- Two out of three organizations report that finding qualified cybersecurity professionals is a struggle. — Cybrary, 2018
- One-third of professionals said that their organizations have experienced a security breach. — Cybrary, 2018
The war for qualified cybersecurity talent wages on, as two out of three organizations report that finding such professionals is a challenge, according to a Thursday report from open source cyber training platform Cybrary and Cyentia Institute. With more than 285,000 open positions in the cyber field, businesses often must turn to training their own employees to take on these tasks and protect their company's assets.
The report surveyed more than 3,100 IT, security, and non-technical professionals. One-third of these workers reported that their organizations have experienced a security breach, and 68% expressed doubts about their organization's ability to stop advanced threats.
Many issues come down to employee training, according to the report. Professionals who received anti-phishing and security awareness training show higher confidence in their own defensive abilities, the survey found. However, only 13% of respondents said that their organization conducts IT and security training during normal business hours. Another 60% said that they had to use personal time for such training.
SEE: Security awareness and training policy (Tech Pro Research)
Training costs are also an issue, according to the report: 35% of respondents said they spend at least $1,000 annually in training-related expenses. Half said they pay for their own training, while 15% say employers cover all training expenses.
The report recommends the following tips for integrating training into any organization:
- Get employee feedback on the types of training they're interested in pursuing
- Use annual performance reviews as a means of implementing structured, consistent training
- Align training material to both company objectives and individual employee objectives
- Identify which skill-based training is required by all employees
- Provide incentives for participating in training
"It is the job of company leaders to define the mission, vision, and values of their organization and communicate them regularly to employees," Kathy Miley, COO of Cybrary, wrote in the report. "Teaching an understanding of how the company can and will benefit from every employee's contributions helps professionals to feel more responsible for their career development."
- How to build a successful career in cybersecurity (free PDF) (TechRepublic)
- Landing that infosec job: These experts share their best career advice (ZDNet)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- One in three cybersecurity job openings go begging, survey finds (ZDNet)
- Report: Despite growing security threats, CXOs struggle to find cybersecurity professionals (TechRepublic)