76% of Cybersecurity Leaders Face Skills Shortage

It's Time to Change Your Perception of the Cybersecurity Professional

May 6, 2020

The latest findings of the Stott and May Cyber Security in Focus research reveal that leaders are still struggling with the skills gap and access to talent. Most respondents (76 percent) believe there is a shortage of cybersecurity skills in their company, which represents an improvement on 2019 (88 percent), however, the problem still seems more potent for mid-market and large enterprise businesses. Organizations are still struggling to source cybersecurity talent (72 percent) with no material improvement around time-to-hire from 2019.

Below are more findings from the Stott and May Cyber Security in Focus research.

Not all roles are created equal

Security leaders are finding some roles more acutely challenging to resource than others, says the report. Jim Rutt (CISO at the Dana Foundation), one of the participants in the research, stating “I think it’s more apparent in individual contributor roles like Security Architects, Security Engineers and high level SecOps professionals. There’s a shortage of good talent in those areas, emphasising the word ‘good’. But at that leadership level, whether it be Directors or CISO’s, I see no real shortage.”

The biggest barriers to strategy execution

The panel of security executives selected for the report revealed that internal skills were in fact the largest barrier to strategy execution in cybersecurity functions (39 percent felt this way) followed by budget (30 percent), board level buy-in (22 percent) and technology (9 percent), creating a headache for security leaders to resource their functions more effectively.
46 percent of respondents believed that Machine Learning and AI could offer part of the solution in terms of automating more workloads to reallocate people resource to higher profile projects.
Others (30 percent) were looking to get more creative around hiring internal talent with transferable skills.

The growing impact of security on the value proposition

This all comes at a point where cybersecurity functions have a greater role to play in improving the value proposition to customers and buyers across all sectors are becoming more educated on the issue of cybersecurity and data privacy, creating a knock-on impact on purchasing trends and profitability, found the report.
69 percent of the sample stated that their organization believed that the cybersecurity function had a positive impact on the value proposition of the organization.
There’s little doubt that respondents see cybersecurity moving up the list of boardroom issues, with 54 percent stating their businesses treat the issue as a strategic priority. This perception seems to be even stronger in high growth mid-market firms, with 83 percent pointing towards its strategic significance.

The Stott and May Cyber Security in Focus Survey examines the key issues that have made an impact on the market over the course of this year. The research is based on the collective experience of 55 cybersecurity leaders sourced from Stott and May’s professional network. Respondents were asked to share their views across a wide range of issues including, but not limited to, the skills shortage, the boardroom perception of cybersecurity, talent attraction and the challenges associated with securing business in the cloud.

The full report is available here.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.

View More Create Account

76% of Cybersecurity Leaders Face Skills Shortage

Related Articles

Related Products

Report Abusive Comment