The cybersecurity industry today is being challenged by the speed of business transformation, the range of technologies and solutions in use, and the skills needed to apply those technologies effectively. The pandemic has disrupted the legacy way of working as well as the traditional investment in conventional IT technologies.
In 2019, the (ISC)2 Cybersecurity Workforce Study concluded that 4.07 million workers would need to be added to the 2.8 million currently in the field globally to fully close the gap. The pandemic is only adding to those numbers.
The skills gap impacts all organisations, but while the larger enterprises can attract the top practitioners, other businesses continue to be operationally and financially impacted. The Fortinet Survey on Cybersecurity Skills Shortage, released in May 2020, finds that 73% of organisations in the survey had at least one intrusion or breach over the past year that can be partially attributed to a gap in cybersecurity skills, and 47% had as many as three such intrusions in the past 12 months.
Beyond the imbalance between supply and demand of cybersecurity skills, another dynamic in the industry is the role played by certification institutions in testing and qualifying practitioners.
The May 2020 survey by Fortinet found that 94% of the practitioners surveyed believe certifications have prepared them better for their role. More than half of the respondents said certifications had increased their awareness of cybersecurity and helped them perform their duties more effectively, and 39% believe certifications have accelerated their career growth.
On the recruitment side, 82% of organisations prefer to hire candidates with certifications. Employers see certifications as validation of a candidate's cybersecurity awareness and knowledge, which increases their confidence that the candidate will perform their duties well.
So, while certifications are increasingly going to become a key part of the skills dynamic, the subject areas a certification covers and the standards it applies matter just as much.
Certifications are usually built around focus subjects. In cybersecurity, these can include offensive security, cyber defence, cloud security, DFIR, management, and ICS. Institutions providing certifications can choose to skim the surface of the subject matter, which yields only a broad perspective.
Or they can take a deep-dive approach, with multiple certifications in the same subject area ensuring that any practitioner who qualifies is genuinely specialised and qualified in that area.
For the professional specialist and the future potential employer, clearly the second approach is a healthier and more productive one for both sides.
Leading certification institutions also require the professional to qualify through a hands-on session that simulates situations experienced in real life. Practical virtual-machine exams in a lab environment require candidates to perform hands-on tasks mimicking what they might encounter in daily work. Earning a hands-on certification ensures that the professional is actually ready to contribute from day one, hour one.
Another important criterion when selecting a certification institution is whether it offers courses that are in demand across the cybersecurity industry.
While there are many certifying institutions for cybersecurity with varying levels of rigour, selecting the ones with low entry barriers may allow a quick start. But it is the ones with higher rigour that are going to provide better returns and support in the longer term.
By Ned Baltagi, Managing Director, Middle East and Africa, SANS Institute.