What to Do About the Cybersecurity Workforce That’s Not Growing Fast Enough

By CISO Collective Editorial | July 21, 2022

The cybersecurity skills gap continues to be a serious problem for CISOs worldwide. According to the Fortinet 2022 Cybersecurity Skills Gap Report, the organizations surveyed say that the cybersecurity skills gap has contributed to 80% of breaches. Inadequately trained employees and short-staffed cybersecurity teams are making it difficult for organizations globally to keep their critical digital assets safe from threats, which is why cybersecurity awareness and training, among other things, is a critical part of any CISOs security strategy to protect their organizations against threats.

The Cyber Skills Gap Affects Businesses’ Bottom Line

The cybersecurity workforce needs to expand by 65% to adequately defend the digital world, according to the (ISC)2 2021 Cyber Workforce Report. While the number of unfilled cybersecurity jobs went down by around 400,000 in 2021, there are still 2.72 million unfilled positions that need individuals with the appropriate cybersecurity skills. With critical security roles not being filled, organizations around the globe are vulnerable to cybercrime threats.

There’s no question that the talent shortfall in the cybersecurity workforce is severely hindering business productivity and progress. Fortinet’s report reveals that globally 64% of organizations have experienced breaches that have led to loss of revenue, expensive recovery costs, and/or embarrassing fines by authorities. As a result of this negative impact, CISOs have the skills gap as a top of mind concern and a challenge many are working to solve to alleviate their strained security teams.

Cybersecurity Awareness Training for All

Employees can be a strong line of defense at their organizations, but only if they are aware of the methods threat actors use. Otherwise, employees can introduce risks and make their organization vulnerable to attacks by falling victim to threat actors.

A robust security architecture is only part of a company’s security strategy. Employees also need to be cyber aware to truly protect a company’s valuable digital assets. As threat sophistication only continues to rise, it is especially crucial that employees have a good understanding of cybersecurity best practices. To help develop all employees’ skills regardless of what role they are in, cybersecurity awareness training – such as Fortinet’s awareness training service – is a critical part of any CISOs’ security strategy. Every employee should have the education and awareness required to keep up with the threat landscape.

Fortinet’s skills gap survey also reveals that providing employees continuing education opportunities is an effective way for organizations to address their cybersecurity skills gap. The report states:

  • 95% of the surveyed organizations believe technology-focused certifications have a positive impact.
  • 81% of these organizations prefer to hire people with certifications.
  • 91% of respondents said they are willing to pay for an employee to receive cybersecurity certifications.

Shifting Hiring Practices to Recruit Diverse Talent

Growing the candidate pool for filling cybersecurity openings by proactively pursuing those in under-represented communities is an excellent method for filling the gap. The good news in our cybersecurity skills gap report is that there’s ample evidence that organizations are working hard to build more diverse teams:

  • 89% of the surveyed companies have explicit diversity goals as part of their hiring strategy.
  • 75% of these organizations have formal structures to specifically recruit more women.
  • 59% of these organizations have strategies in place to hire minorities.
  • 51% of these organizations are focused on hiring more veterans.  

Fortinet’s TAA and Training Institute Initiatives

Fortinet wants to be a significant contributor to bridging the talent shortage. As part of this commitment, Fortinet has pledged to train one million people in cybersecurity by 2026. The Fortinet Training Advancement Agenda (TAA) and Training Institute programs are our initiatives focused on educating individuals and providing certifications to anyone who want to expand their knowledge base.

Through its programs, Fortinet is helping to resolve the cybersecurity skills gap issues and preparing the cybersecurity workforce of tomorrow. The Fortinet Training Institute relies on public and private partnerships to address the skills gap by increasing the access and reach of its cybersecurity certifications and training. This includes partnerships with leaders in business, academia, government, and nonprofits to help remove the issues that create the cybersecurity skills gap.

Find out more about how Fortinet's Training Advancement Agenda (TAA) and Training Institute programs—including the NSE Certification programAcademic Partner program, and Education Outreach program—are helping to solve the cyber skills gap and prepare the cybersecurity workforce of tomorrow.

Read Fortinet's 2022 Cybersecurity Skills Gap Global Research Report here.