According to a recent report by Russian cyber security company Kaspersky Lab, large businesses that struggle to find sufficiently skilled IT security experts end up paying up to three times more to recover from a cyber security incident.
Citing the complexity of IT infrastructure, compliance requirements and the overall desire to protect business assets, it said companies are highly motivated to grow their security intelligence.
For a third of businesses, the improvement of security expertise is one of the top three drivers for additional investment in IT security.
The growing demand is not easy to meet due to a shortage of specialists and increasingly complex requirements.
The report quotes Kaspersky Lab’s security experts as saying that the need for security managers is even more substantial. On top of deep technical knowledge, managers’duties include communication with top management and overseeing the overall strategy – qualities that are especially important, and in fact, more appropriate, for large companies.
The report adds a final touch to the bigger picture of talent shortage with education challenges.
Higher education institutions recognise the need to revise their programmes, and at the same time acknowledge the challenge of embedding security-oriented thinking into a wide variety of IT courses.
Overall, 68.5 per cent of companies expect an increase in the number of full-time security experts, with 18.9 per cent expecting a significant increase in headcount.
Higher education is an important part of fulfilling such a demand, but this is also a call for a change within the security industry itself.
Another solution is to adapt R&D efforts towards the effective sharing of intelligence with corporate customers in the form of threat data feeds, security training and services.
Businesses and organisations need to quickly build a long-term strategy for IT security manpower if they do not want to be hacked easily as has been happening in recent times, experts said.