7 Cyber-Security Skills In High Demand
Businesses around the world report a shortage in cyber-security talent. Here are the skills IT managers should be seeking to keep their data secure.
![](https://eu-images.contentstack.com/v3/assets/blt69509c9116440be8/bltccff513baf5994a2/64cb40675b89285b1b338151/cyberskills_intro.jpg?width=700&auto=webp&quality=80&disable=upscale)
Organizations across industries are challenged to address a cyber-security skills shortage leaving their networks open to attacks.
There will be 1 million to 2 million unfilled cyber-security jobs worldwide by 2019, according to a recent report released by Intel Security called "Hacking the Skills Shortage." The report includes the results of a survey of 775 IT decision-makers involved with security, 82% of whom reported a lack of cyber-security skills within their business.
The lack of security talent is both dangerous and expensive, especially as businesses face growing threats from external internet cyberattacks. Most organizations don't know how to detect or mitigate attacks that leverage digital channels such as social media and mobile.
Most respondents in the Intel study (82%) reported a lack of security talent within their organizations. One in three said this makes them hacking targets, and one in four claimed they have suffered reputational damage and proprietary data loss as a direct result of the skills shortage.
[Read: What can IT professionals learn from the DNC hack?]
Part of the problem is a lack of adequate cyber-security training for IT professionals. About half of survey respondents said they prefer entry-level candidates to have a bachelor's degree, but hands-on experience and professional certifications are typically more useful for developing the skills in greatest demand.
High-value technical skills are especially scarce. Skills such as secure software development, intrusion detection, and attack mitigation are in greater demand than comparatively "soft" skills, such as communication and collaboration, according to the study.
More than half of respondents (55%) believe cyber-security technologies will evolve to help close the skills gap within five years. Some also plan to outsource, but only for skills easily automated -- for example, threat detection through network monitoring.
Here, we take a close look at some of the cyber-security skills in greatest demand. This list can give IT managers a better idea of what to seek as they build a robust security workforce.
Do you look for these skills in members of your IT team? Are there any skills not listed that you value in your team? Feel free to share your thoughts in the comments section below.
Most respondents (53%) who participated in the survey released by Intel Security claim the cyber-security talent deficit is worse than the skills shortage in other IT professions. Intrusion detection is one of the cyber-security skills in "critically short supply," according to the report.
Intrusion detection involves discovering potentially harmful activity that could compromise the confidentiality, integrity, or availability of information, according to the SANS Institute. There are a few common types of intrusion detection. Network-based detection attempts to detect unauthorized behavior based on network traffic. Host-based detection tries to find illicit activity on a specific device. Physical detection involves finding threats on physical systems.
Risk mitigation involves tracking identified risks, discovering new risks, and keeping track of risk throughout a project. Developing a risk mitigation plan involves creating a process of actions that will reduce threats to a project, according to a Systems Engineering Guide on the Mitre website.
First, it's necessary to understand that data needs to be protected and why. Businesses must identify their most valuable assets and the threats putting them at risk. Knowing how the information is stored, who has access, and how the data is protected are three critical questions to ask for optimal data protection.
It's also important to brainstorm what might happen in the event of a breach. Your business must be ready to address a cyber-security attack immediately with a plan to minimize the damage. A risk mitigation professional could prove critical in formulating one of these plans.
In the report published by Intel Security, risk mitigation is one of the skills companies are considering outsourcing as security technology advances in the years to come.
Research firm ESG surveyed 633 IT and security professionals working at midmarket organizations throughout North America, Western Europe, and Asia Pacific earlier this year. The results were released in the company's February 2016 report, "Cybersecurity Skills Shortage: A State of Emergency." One third of respondents identified cloud security as the place their organization has the biggest security skills deficiency. Demand is high as large businesses generate jobs for cloud security architects.
There are several threats particular to cloud security, according to InfoWorld. Some of the top dangers include data breaches, system vulnerability exploits, hijacked accounts, inadequate diligence, and malicious insiders.
In a space where the number of jobs exceeds the number of skilled professionals, IT pros would be wise to explore opportunities to develop cloud security expertise. For example, institutions such as SANS and CSA offer cloud security certifications.
Network monitoring is critical in defending the enterprise, explained PAC's Fisher in an interview. All cyberattacks are based on getting malware or spyware inside the organization.
"Often these attacks are successful because criminals discover vulnerabilities in the network that the business is unaware of," Fisher said. "Attackers can be inside an organization for months, even years, monitoring and exfiltrating the data."
While advanced network monitoring apps are essential to flag suspicious behavior, he continued, organizations also need professionals who know what they're looking for and can make quick decisions when suspicious behavior is detected. Network managers who have experience in optimizing network efficiency are well-prepared for this type of security-focused role.
Many cyber-security specialists often start out as information security analysts, an entry-level position in the security field. In general, these analysts plan and activate security measures to protect their businesses' systems.
Their responsibilities are growing as cyberattacks continue to increase, reported the US Bureau of Labor Statistics. According to the BLS, the number of jobs for information security analysts is projected to increase 18% between 2014 and 2024. Demand is high because these professionals will be needed to build innovative solutions to prevent hackers from entering corporate networks and stealing sensitive data.
The number of job postings for data security professionals has grown as more organizations move to the cloud, reported BankInfoSecurity. Users want instant access to data, but it's difficult for businesses to make information accessible and secure.
If your business doesn't have a data security professional, and isn't seeking one, now is the time. Organizations in vulnerable fields, such as healthcare and financial services, are hiring data-savvy IT pros to protect their information from threats.
The number of job postings for data security professionals has grown as more organizations move to the cloud, reported BankInfoSecurity. Users want instant access to data, but it's difficult for businesses to make information accessible and secure.
If your business doesn't have a data security professional, and isn't seeking one, now is the time. Organizations in vulnerable fields, such as healthcare and financial services, are hiring data-savvy IT pros to protect their information from threats.
-
About the Author(s)
You May Also Like