Take a glance on social media on any given day, and we’ll hear from commentators stating how there is a (cyber) skills gap and that it must be addressed if we are to meet the challenges we are all increasingly facing. 

Let’s be clear about something before we continue. If we are saying that there is a skills gap, then there are organizations out there that are ready to hire cybersecurity professionals now. The assumption is that these professionals don’t have the right skills that the organizations are looking for.

But how true is this?

Life and Times of Cybersecurity Professionals

The Information Systems Security Association International (ISSA) interviewed 489 cybersecurity professionals to get their views on the issues related to the cyber skills gap. ISSA then published their responses in The Life and Times of Cybersecurity Professionals 2021.

In summary, the report findings were that a more holistic approach to continuous cybersecurity education is required to address the skills shortage. This should start in public education and extend into comprehensive career development, mapping, and planning strategy, functions which would be supported and integrated within the business.

Of course, this is not going to happen overnight if it is even possible. However, the research goes on to say that one seemingly simple change organizations can make is to increase salary and compensation for cybersecurity professionals.

But is this likely to happen without changes within the cybersecurity sector itself?

The truth is, I believe there are two problems we need to address before we can close this perceived skills gap. Indeed, I don’t feel there is a cybersecurity skills gap at all. At least not the kind that most people think of. I believe there are fundamental misunderstandings and appreciation of what cybersecurity is. There is a communications gap, not (Read more...)