Fortinet: Lack of cybersecurity-trained personnel raised cyberthreat risks
The lack of trained cybersecurity personnel increased threat risks in 68% of organizations globally, according to Fortinet’s 2023 Cybersecurity Skills Gap Global Research report.
The report found that 84% of organizations experienced one or more cybersecurity intrusions in the past 12 months, up from 80% in 2021. Likewise, the number of organizations experiencing five or more threats increased by 53% from 2021 to 2022, further exacerbating the need to fill crucial positions and train and certify staff to help strengthen organizations’ security postures.
This number will grow, as 65% of institutions expect cyberattacks to increase in the next 12 months, the report noted.
“One reason for this increase is that many cybersecurity teams are understaffed and overburdened, trying to keep up with thousands of daily threat alerts and managing various solutions to adequately protect their organization’s devices and data,” Fortinet stated.
It is estimated that more than 3.1 million professionals are needed to fill the global cybersecurity workforce gap.
“The cybersecurity talent shortage is one of the top challenges putting organizations at risk, as clearly demonstrated by the results of the latest Global Cybersecurity Skills Gap Report from Fortinet,” said John Maddison, executive vice president of products and chief marketing officer at Fortinet.
“In today’s climate, organizations must choose products that introduce automation to offload overworked teams while continuing to focus on upskilling and cybersecurity training,” he said.
According to the report, nearly 50% of organizations experienced attacks costing more than $1 million in the last 12 months, an increase of 38% compared to the previous year’s report. About 81% of cyberattacks were phishing, password theft and malware-related.
The report also revealed that cybersecurity is one of the top concerns of boards of directors in organizations. In Latin America and the Caribbean, 94% of these organizations advocated for hiring more information technology (IT) security personnel.
The report recommends that employers acknowledge how training and certifications can help their organizations address the skills gap while also providing a competitive advantage for individuals seeking to advance in their current security profession or for those interested in transitioning into the field.
Report’s take on training
Not enough professionals are certified: While certifications are highly regarded, more than 70% of respondents said it is difficult to find people with certifications.
Certifications are sought after by employers: Beyond experience, employers view certifications and training as reliable validation of an individual’s skill set with 91% of Latin American and Caribbean business leaders preferring to hire individuals with technology-focused certifications. Additionally, 90% of respondents would pay for an employee to get a cybersecurity certification.
Certifications benefit both organizations and individuals: More than 80% of report respondents (82%) indicated their organization would benefit from cybersecurity certifications and 95% of business leaders have experienced positive results from either their team or themselves being certified.
While the report demonstrated that organizations are seeking ways to tap into new talent pools to fill cybersecurity roles, with eight out of 10 organizations having diversity goals as part of their hiring practices, roughly 40% of organizations indicate they have difficulty finding qualified candidates who are women, military veterans or from minority backgrounds.
The report suggested that there was a decrease in the number of veterans being hired compared to last year, with the percentage of organizations indicating they hired military veterans dropping from 53% in 2021 to 47% in 2022. At the same time, the report shows there was only a 1% increase year-over-year in organizations hiring women (88% in 2021 and 89% in 2022) and minorities (67% in 2021 and 68% in 2022).
The survey was conducted among more than 1,800 IT and/or cybersecurity decision-makers from 29 different locations. Survey respondents came from a range of industries, including technology (21%), manufacturing (16%), and financial services (13%).
