Cyber Skills Gap Linked to Breaches

Most organizations have suffered a data breach connected with a shortage of skills in the cybersecurity industry, according to new research published today.

Fortinet’s 2022 Cybersecurity Skills Gap Report identified multiple risks associated with cybersecurity’s skills gap. Most (80%) organizations surveyed for the report said they had suffered at least one breach they could attribute to a lack of cybersecurity skills or awareness. 

Researchers found that globally 64% of organizations experienced breaches that resulted in the loss of revenue, recovery costs and/or fines.

“According to the Fortinet report released today, the skills gap isn’t just a talent shortage challenge, but it’s also severely impacting business, making it a top concern for executive leaders worldwide,” said Sandra Wheatley, SVP of marketing, threat intelligence and influencer communications at Fortinet.

Researchers found that 95% of leaders believe technology-focused certifications positively impact their role and their team, and 91% are willing to pay for an employee to become cyber certified.

Fortinet has pledged to train 1 million professionals to increase cyber skills and awareness by 2026. 

“Through Fortinet’s Training Advancement Agenda (TAA) and Training Institute programs, we are committed to tackling the challenges revealed in the report through various initiatives, including programs focused on cybersecurity certifications and recruiting more women into cyber,” said Wheatley.

Most (87%) organizations surveyed have implemented a training program to increase cyber awareness. However, 52% of leaders believe their employees still lack necessary knowledge.

“Cybersecurity is no longer just an industry issue,” commented Joseph Carson, chief security scientist and Advisory CISO at Delinea, “It is one that can impact all of society and that means cybersecurity training is needed for everyone to reduce the risks from cyber-attacks.”

Chris Morales, CISO at Netenrich, said the scarcity of security professionals placed those working in the industry at risk of burnout. 

He said: “Today’s skills shortage, and the overload of work on the people tasked with managing it, reflects how manually intensive and complex the threat detection and response process are and how this vigorous, time-consuming process limits analysts from being effective in managing risk to enable business growth, which should be the primary of any security program.”

What’s Hot on Infosecurity Magazine?