It was revealed at the Digital Skills Committee meeting in the House of Lords on Tuesday that in 2017 there will be a global shortage of two million cyber security professionals.
Stephanie Daman, CEO of the Cyber Security Challenge, said, “If you look at our lifestyle these days everything we do is based on something connected to the internet,” citing Internet, banking, shopping and tax. “Everything has an internet layer.”
Daman continued: “At moment, in my view, we don’t have sufficiently number of skilled people to do that protection piece. There aren’t enough people with those skills. The money is there, the careers are there, and on face of it should be popular choice. But there’s a [skills] gap.”
What’s causing the skills gap?
A miniscule 0.6% of recent graduates (2012-2013) are currently working in cyber security. These statistics strengthen the belief held by many industry experts that the cause of the skills gap originates from schools.
To start closing the skills gap, schools and universities need to put a much stronger emphasis on cyber security. It shouldn’t go unnoticed that schools are trying, but often they aren’t aware of the threats that come with new technology.
Even if schools step up, however, it’s not going to solve the issue quick enough. It’s estimated to take 20 years for the skills gap to close.
Daman mentioned on Tuesday that there is “no obvious pathway” into the industry and that “in many ways it’s the career transitional that can fill our shortage.”
Organisations that are looking to employ cyber security professionals need to start looking past trying to hire ‘hard to find’ individuals and consider recruiting experienced IT professionals who they can then train to provide the security resource that the organisation needs.
People who are involved in information technology must also look to changing their career path and steer towards cyber security.
At IT Governance, we always recommend that studying for the CISMP and CompTIA Security+ qualifications provides the ideal transition from experienced IT professional to useful cyber security professional.