According to the findings of a recent Kaspersky study revealed during Cybersecurity Weekend, 41% of businesses worldwide are facing an IT security problem. shortage of qualified cybersecurity professionals. This problem is even more acute for the Middle East, Turkey and Africa (META) region, with 43% of companies understaffed. The biggest shortage of staff is found among malware analysts and information security researchers.
The frequency and complexity of cyberattacks increaseand the demand for InfoSec professionals in businesses increases, the number of practitioners meeting the business requirements for skills and expertise level decreases.
META lacks InfoSec professionals
Studies by cybersecurity companies and international organizations have already highlighted the shortage of InfoSec professionals. Research conducted by (ISC)2 cybersecurity workforce study revealed that the labor gap was nearly 4 million InfoSec workers in 2022.
When it comes to cybersecurity needs across all sectors, the government sector reported the highest demand for cybersecurity practitioners and admitted that almost half (46%) of the infosec positions it needs remain vacant. The telecommunications and media sectors are 39% understaffed, followed by retail and wholesale and healthcare, with 37% of positions remaining vacant.
“To reduce the shortage of qualified InfoSec professionals, companies are offering high salaries, better working conditions and bonuses, while investing in up-to-date training with the latest knowledge. However, research results show that these measures are not always enough. The growth rate of the domestic IT market in some developing regions is changing so quickly that the labor market is failing to educate and train appropriate specialists with the necessary skills and expertise within such tight time frames. On the contrary, regions with developed economies and mature companies do not report such a serious shortage of InfoSec professionals, because their rates are lower than the market average,” comments Vladimir Dashchenko, Security Evangelist, ICS CERT, Kaspersky.
To minimize the negative consequences of global cybersecurity understaffing, Kaspersky experts recommend the following:
- Adopt managed security services like Kaspersky Managed Detection and Response (MDR)) or/and Incident Response to gain additional expertise without additional hiring. It helps protect against cyberattacks and investigate incidents even if a company lacks security officers.
- Invest in additional cybersecurity courses for your staff to keep them up to date with the latest knowledge. With Kaspersky Expert training, InfoSec professionals can develop their technical skills and be able to defend their business against attacks.
- Use interactive simulators to test your expertise and evaluate your thinking in critical situations. For example, with the new interactive software Kaspersky Ransomware game, you can observe how the company’s IT department deploys, investigates and responds to an attack, and makes vital decisions with the game’s main character.
- Use centralized and automated solutions such as Kaspersky Extended Detection and Response (XDR) to reduce the IT security team’s workload and minimize the risk of errors. By aggregating and correlating data from multiple sources in one place and using machine learning technologies, these solutions ensure effective threat detection and rapid automated response.
The research “The Portrait of Modern Information Security Professionals” was conducted to assess the current state of the job market and analyze the exact reasons for the cybersecurity skills shortage. 1,000 InfoSec professionals from Asia Pacific, Europe, META, North America, and Latin America were studied.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber Express assumes no responsibility for the accuracy or consequences of the use of this information.