A recent study by the company cybersecurity Fortinet revealed that organizations are attributing more and more breaches to the cyber skills gap and that these attacks continue to have significant repercussions for companies, with more and more executive leaders sanctioned.
In its 2024 global cybersecurity skills gap report, Fortinet highlighted that ongoing challenges related to cybersecurity skills shortages affect organizations around the world.
Within that framework, he stressed that employers continue to view certifications as a validator of current cybersecurity skills and knowledge and that numerous opportunities remain to hire from diverse talent pools to help address the skills shortage.
The survey was carried out among more than 1,850 IT and cybersecurity decision makers from 29 countries and different locations. Respondents came from a variety of industries, including technology (21%), manufacturing (15%), and financial services (13%).
Cyber skills gap affects companies worldwide
The work estimated that they need 4 million professionals to fill the growing cybersecurity workforce gap; of this number, 1.3 million correspond to Latin America and the Caribbean.
IT Analyst 4.jpeg
At the same time, the global report found that 70% of organizations indicated that cybersecurity skills shortages create additional risks for their organizations. Other findings highlighting the impact of the growing skills gap on businesses around the world include:
-
Organizations are attributing more breaches to a lack of cyber skills: In the past year, Nearly 90% of organizational leaders (87%) said they experienced a gap that they can partially attribute to a lack of cyber competenciescompared to 84% who stated this in the 2023 report and 80% the previous year.
-
The security breaches are having a more substantial impact on businesses: Security breaches have a variety of repercussions, ranging from financial to reputational challenges. This year’s survey found that corporate leaders are increasingly held accountable for cyber incidents, with 51% of respondents saying directors or executives have faced fines, prison time, job loss, or loss of employment following a cyberattack. Additionally, more than 50% of respondents said breaches cost their organizations more than $1 million in lost revenue, fines, and other expenses last year, up from 48% in the 2023 report and 38% the year before.
-
Boards of directors see the cybersecurity as a business imperative: As a result, executives and boards of directors are increasingly prioritizing cybersecurity, with 72% of respondents saying their boards were more focused on security in 2023 than the previous year. Besides, 97% of respondents say their board considers cybersecurity a business priority.
“The results of our latest global cybersecurity skills gap report highlight the critical need for a collaborative, multifaceted approach to closing the skills gap. To effectively mitigate risk and combat today’s complex threats, organizations must employ a strategic combination of leveraging the right security technology, upskilling existing security professionals through training and certifications, and nurturing a workforce cyber-conscious,” he highlighted John MaddisonCMO at Fortinet.
He added: “As part of Fortinet’s dedication to closing the skills gap through this three-tiered approach, we committed to training 1 million people in cybersecurity by 2026. We are approaching the halfway point of this five-tier commitment. years, since we are close to having trained half a million people to date.”
Hiring managers value continuous learning and certifications
Certifications are widely viewed by business leaders as validation of cybersecurity knowledge, and those who hold a certification or work with someone who does see clear benefits. This year’s survey also found that:
-
Candidates with certifications stand out from the rest. More than 90% of respondents said they prefer to hire candidates who have certifications.
-
Leaders Believe Certifications Improve Security Posture: Respondents value certifications so much that 89% said they would pay for an employee to obtain a cybersecurity certification.
-
Finding candidates who have certifications is not easy: More than 70% of respondents indicated that it is difficult to find candidates with technology-focused certifications.
Companies are expanding hiring criteria to fill vacancies
As cyber workforce shortages persist, some organizations are diversifying their recruiting pools to include candidates whose credentials fall outside of traditional backgrounds, such as a four-year degree in cybersecurity or a related field, to attract new talent and fill positions. vacancies. Changing these hiring requirements can unlock new possibilities, especially if organizations are also willing to pay for certifications and training. The report also found that:
-
Organizations continue to have programs dedicated to recruiting a diverse talent pool: 83% of respondents said their organizations have set diversity hiring goals for the coming years, in line with last year’s report, but slightly below 89% in 2021.
-
Hiring diversity varies from year to year: Despite continued recruiting goals, female hires decreased to 85% from 89% in 2022 and 88% in 2021; minority hires remain unchanged at 68% and up slightly from 67% in 2021; and veteran hires increased slightly to 49% from 47% in 2022 but decreased from 53% in 2021.
-
While many hiring managers value certifications, some organizations still prefer candidates with traditional backgrounds: Even though many respondents say they value certifications, 71% of organizations still require four-year degrees and 66% only hire candidates with traditional training backgrounds.
Organizations are taking a three-pronged approach to building cyber resilience
The increasing frequency of costly cyberattacks, combined with the potential for serious personal consequences for board members and directors, is leading to an urgent push to strengthen cyber defenses across all businesses. As a result, organizations are focusing on a three-pronged approach to cybersecurity that combines training, awareness, and technology:
-
Help IT and security teams gain vital security skills by investing in the training and certifications necessary to achieve this goal.
-
Cultivate a cyber-aware frontline workforce that can contribute to a more secure organization as a first line of defense.
-
Use effective security solutions to ensure a strong security posture.
To help organizations achieve these goals, Fortinet offers the largest integrated portfolio of more than 50 enterprise-grade products through its platform. Fortinet Security Fabric. In addition, the award-winning Fortinet Training Instituteone of the industry’s most comprehensive training and certification programs, is dedicated to making cybersecurity certification and new career opportunities available to all populations, including offering cybersecurity awareness training for organizations to develop a cyber-aware workforce.
