Many organizations are still struggling to fill out their digital security workforces. This task isn’t getting any easier with time, either.

In a Tripwire-commissioned survey of 336 IT security professionals, four-fifths of respondents told Dimensional Research that they feel it’s gotten more difficult to hire skilled personnel since 2017. That’s a problem considering the fact that 85 percent of survey participants said their organization’s security teams are understaffed, with nearly half (47 percent) of respondents blaming these shortages on the skills gap.

The persistence of this skills gap is especially concerning for industrial organizations.

Unlike in other sectors, industrial entities need to protect both IT and OT environments against digital threats. And as these two environments continue to converge, it’s all the more imperative that industrial organizations have the resources to defend against IT security issues that seek to disrupt their OT assets. Depending on the threat level, such issues can undermine the functionality of the industrial organization as a whole and in the process threaten public safety.

These pressures lead us to the following question: with an increasingly pervasive skills-gap in industrial cybersecurity, how should industrial organizations strengthen their security posture?

Part of the answer might come from reconceptualizing the skills gap overall. Patrick Miller, Managing Partner of Archer Energy Solutions, is a firm advocate of this idea, as he hasn’t found evidence of a skills gap. Instead, he’s found indicators of something else going on: 

I think there is a gap between existing HR/management hiring expectations and the thriving talent pool that is out there. If you have a job posting that asks for a college degree, five years of experience, multiple programming languages, professional certificates and a security clearance for a salary of $75k, you won’t get anyone. Some engineers are interested in security (Read more...)