Connect with us

Hi, what are you looking for?

HEADLINES

Companies state it takes more than 6 months to fill cybersecurity positions

Respondents cited a discrepancy between certification and real practical skills (52%) and lack of experience (49%) emphasizing that proven professional expertise is one of the most important characteristics companies are looking for searching in a cybersecurity practitioner. 

The latest Kaspersky survey found that 48% of companies require over half a year to find a qualified cybersecurity professional. A lack of proven experience was cited as one of the biggest challenges, along with the high cost of hiring and global competition in talent acquisition.

With global labor markets continuing to clamor for InfoSec professionals, the latest Kaspersky research revealed that 41% of companies admit their cybersecurity teams are understaffed.  “The portrait of the modern Information Security professional” survey seeks to evaluate the current state of the labor market and analyze the exact reasons it lacks cybersecurity experts. The study also identifies the skills and characteristics bosses demand when hiring staff. 

Respondents say it takes more than six months to fill an average information security position. As expected, recruitment for senior-level positions takes the longest, with 36% of companies saying it requires almost a year or more, while junior jobs can be filled in the shortest time – one to three months, according to 42% of respondents. These figures are alarming since companies that operate for long periods without the necessary staff are at huge risk, as the absence of cybersecurity personnel provides cybercriminals ample opportunity to penetrate business infrastructure and damage business processes. 

When asked about the biggest challenges in finding and hiring the “right” InfoSec professional, the majority of respondents cited a discrepancy between certification and real practical skills (52%) and lack of experience (49%) emphasizing that proven professional expertise is one of the most important characteristics companies are looking for searching in a cybersecurity practitioner. 

Advertisement. Scroll to continue reading.

The high cost in hiring these specialists is an obstacle for 48% of bosses, and global competition, expressed through aggressive and competitive hiring practices by multiple organizations, bothers more than 41% of respondents. Figures like these show that, even if a company finally finds candidates who meet all the requirements, it doesn’t mean that they will work for that company, as in such a competitive environment, other organizations may headhunt them, so the hiring process could continue indefinitely.   

“Companies often spend a lot of time not only on the hiring process but also on additional training for the team, in attempts to develop a diverse workforce within the company, with the right knowledge and skills. This strategy is effective for big companies and for organizations that have to comply with many local standards and regulations. As for small and medium-sized businesses, it’s usually recommended to outsource cybersecurity tasks to managed security services providers (MSSP) because it helps them close talent gaps in a short time and with minimum losses,” comments Ivan Vassunov, VP, Corporate products, Kaspersky.

To minimize the negative consequences of global cybersecurity staff shortfall, Kaspersky experts recommend the following:

  1. Adopt managed security services such as Kaspersky Managed Detection and Response (MDR) and/or Incident Response thus acquiring additional expertise without hiring additional personnel. This helps protect against cyberattacks and investigate incidents if the company lacks cybersecurity staff. 
  2. Regularly educate IT and InfoSec staff about actual cyber risks and invest in their training to advance their skills in detecting and responding to even sophisticated cyber threats.
  3. Use centralized and automated solutions such as Kaspersky Extended Detection and Response (XDR) to reduce the burden on the IT security team and minimize the possibility of making mistakes. By aggregating and correlating data from multiple sources in one place and using technologies of machine learning, such solutions reduce the mean time to detect threats (MTTD) and provide fast automated responses. 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

46% of geo-distributed companies encountered network problems between one and three times per month, while 13% stated they experienced network challenges every week. The...

HEADLINES

“Data is the new oil. Cyber criminals steal personal information to defraud you or use your identity to victimize people close to you. Guard...

White Papers

According to the report, among organizations surveyed, 97% of those hit by ransomware over the past year engaged with law enforcement and/or official government...

HEADLINES

This development marks a major step forward in Globe's long-standing #PlayItRight advocacy to help promote and protect the country’s ₱1.6-trillion creative industry from the...

HEADLINES

Spoofing is a technique where fraudsters impersonate SMS channels to deceive recipients. The practice has seen a marked rise, especially in Metro Manila, with...

White Papers

Kaspersky’s latest white paper revealed that 7 in 10 educators would rather use mobile data than a public network as a precautionary measure. However,...

HEADLINES

Since Smart intensified efforts against criminal activities facilitated over wireless services, it has blacklisted nearly 200,000 mobile numbers involved in these scams in the...

HEADLINES

The data indicated a staggering 30% global increase in the number of these groups compared to 2022, accompanied by a 71% surge in known...

Advertisement