Cyber security is a people issue on both sides of the equation: insiders who may pose a threat (intentionally or not) and the professionals tasked with preventing threats. There is a dramatic shortage of skilled cyber security professionals.

Studies indicate a gap of 3.5 million cyber security positions – jobs that companies are hiring for but unable to fill – by 2021.

In addition, in the wake of the recent Equifax breach, there’s been a sharp focus on credentials in the cyber security space after news broke that the company’s chief security officer has degrees in music. This news, in turn, elicited various viewpoints regarding the value of certificates and just what makes a talented security professional.

Agreement On Skill Shortage

There seems to be plenty of agreement that there is a shortage of qualified personnel to fill the many open cyber security positions.

  • “We’re as close as possible to our unemployment rate being zero,” said Sam Olyaei, senior research analyst, at Gartner Security & Risk Assessment Summit in National Harbor, MD. “If you’re a cyber security professional with any kind of skill set, you already have a job and multiple offers on the table.”
  • An intelligence official noted that to be effective in cyberspace, the United States needs about 30,000 people with specialized security skills—it currently has 1,000.

Differing Views On Path to Skill Attainment

Is a technical degree a prerequisite for a senior security position? There are differing viewpoints on this question.

And, if you’re looking for a combination of a cyber security degree and several years of experience, that could be a tricky pairing to find. Degree programs in security haven’t been around for very many years, making it impossible to have both the degree and the experience.

Addressing the Skills Gap

Here are a few recommendations on ways to address the cyber security skills gap.

  • Machine learning to prioritize and investigate, and managed services to help augment staff are a few of the recommendations from Jon Oltsik, CSO, principal analyst at Enterprise Strategy Group. He goes on to call for additional support: “The cyber security skills shortage is an existential threat that impacts all of us. As such, national governments need to do more.”
  • Training junior in-house staff and supporting staff in certification attainment are recommendations cited by many.
  • Automation is a recommendation suggested by most experts who comment on the security skill shortage. A publication from Deloitte University Press states that with the use of advanced analytics, automation, and artificial intelligence, it’s possible to “train the technology” to deliver key insights that optimize cyber professionals’ work, streamline operational processes, and improve security outcomes.

One automation solution organizations can use to supplement their security team’s effort is online monitoring software.  This category of software allows IT to listen for insider threats, monitor activity, and establish alerts for suspicious activity.