Industry Trends

Strategies for Overcoming the Cybersecurity Skills Gap

By Fortinet | July 08, 2020

Skills Gap Perspectives

This is a summary of an article written for World Economic Forum by Sandra Wheatley, Fortinet’s Senior Vice President, Threat Intelligence, Marketing, and Influencer Communications. The entire article can be accessed here

The need for skilled cybersecurity professionals is more crucial than ever, with global shortages in talent affecting 82% of organizations. Further, 71% of those organizations believing this talent gap has caused direct and measurable damage to their organizations. Many organizations are choosing to bridge their skills gap with high-tech solutions that employ automation. While this is an important and effective strategy, it is still not enough. Business leaders must go beyond adding essential solutions to their toolkits by also looking to their current resources, including their teams, to fully address this issue.

Overcoming the Cybersecurity Skills Gap

While security solutions play a crucial role in protecting organizations and their assets, they alone are not the answer. What’s missing from those tech-based strategies is the human element. Below are four tips to help overcome the staggering problem of a severe shortage of skilled cybersecurity professionals. 

View Cybersecurity as an Enabler, Not an Obstacle

Organizations that prioritize digital innovation are realizing impressive results. Legacy systems are being overhauled, teams are adapting to new ways of working in the digital space, and new external partnerships built on the sharing of data, documents, and ideas are being formed. Additionally, the subsequent move to the cloud has resulted in dramatic improvements regarding application performance and productivity. 

While these strategies are significant to business growth and continuity, cybersecurity must remain a priority amid this shift. Corporate leaders know that no organization is exempt from the crippling impact of data breaches, ransomware, and distributed denial-of-service (DDoS) attacks. With the public’s growing awareness of data breaches impacting the big brands they once trusted, leaders are even quicker to recognize the value of having proper cybersecurity measures in place. For many, these measures come in the form of security solutions that provide protection without hindering performance. 

Given the growing volume and sophistication of today’s threat landscape, cybersecurity can no longer be seen as restricting development, but as a mechanism for ensuring that innovation does not introduce risks that could compromise the entire enterprise. Of course, this requires rethinking what types of security solutions should be part of your infrastructure, and how they should be integrated into your expanding network environment. Broad and seamless integration between security devices, and between security and the network, is key.

Recognize Cybersecurity as a Team Effort

Cybersecurity is not just the responsibility of one person or team. Everyone in an organization has a role to play in keeping company data and resources safe and protected. Working together, everyone from front line staff to managers to the C-suite can do their part to circle the wagons and protect their resources. It takes effort and a well-planned, ongoing cyber education program that’s in tune with company culture. 

Get the C-Suite Involved

CISOs or CIOs may spearhead cybersecurity awareness programs at their organization, but for maximum effect, everyone in the C-suite should get involved. Getting top executives to see the value of education and training is simply a matter of linking performance to security. 

Take, for example, the chief financial officer (CFO). Data breaches can directly impact the bottom line when penalties for compliance violations enter the picture, something that’s only becoming more expensive as attacks are more effective and privacy regulations mount. This fact alone should be a motivator for supporting a cybersecurity awareness program. 

From a managerial standpoint, these individuals should recognize that downtime equals lost productivity. Proficiency in cybersecurity best practices can reduce downtime and minimize the impact of successful breaches so teams can keep working and make their deadlines. 

The Chief Operating Officer (COO) might be interested in the fact that a cyber-educated workforce helps with the retention of technical talent. On the other side, the Chief Marketing Officer (CMO) will likely appreciate that a cyber-savvy workforce is good for brand reputation as it shows a commitment to protecting customer data even as cybercriminals become more advanced in their attack methods.

Collaborate on Cybersecurity Awareness

In the face of mounting cybercriminal activity and increasingly sophisticated forms of attack, companies that collaborate will present a more robust defense against cyber threats. Cybersecurity education resources can be shared — why reinvent the wheel? Education and training need to be customized, of course, but the underlying principles of cybersecurity awareness should run as a common thread throughout every program. 

Final Thoughts

To assist with the goals of creating a more educated workforce, the World Economic Forum Centre for Cybersecurity, Fortinet, and Salesforce have recently joined forces to launch the Cybersecurity Learning Hub, which offers free resources for organizations to promote cybersecurity awareness and help with security initiatives including:

  1. Preparing staff on how to react in the event of a breach
  2. Learning how upper management can help improve cyber resilience
  3. Learning cybersecurity best practices
  4. Preventing cyber attacks

While the cybersecurity skills gap is a serious issue, it does not have to inhibit organizations when it comes to protecting critical assets. By getting all team members involved, with the help of training and shared resources available through partnerships with other organizations, organizations can establish and maintain an effective security strategy, augmented with advanced security and automation technologies. By leveraging readily available resources, organizations can defend against modern cyberattacks, even as they grapple with the ongoing cybersecurity skills gap.

Find out more about Fortinet’s NSE Training Institute programs, including the Network Security Expert programNetwork Security Academy program and FortiVet program, which provide critical cybersecurity training and education to help solve the cyber skills gap and prepare the cybersecurity workforce of tomorrow.