Cybersecurity is an important component of any company's operations. Small businesses are especially at risk for data theft or security breaches — Keeper Security and the Ponemon Institute found that 50 percent were breached within the last year — so they need people and technology to protect their sensitive information.
But according to a report by Intel Security and the Center for Strategic and International Studies (CSIS), 209,000 cybersecurity jobs went unfilled in the United States alone in 2015. That growing IT skills gap leaves businesses vulnerable to cyberattacks and theft: More than 70 percent of IT professionals surveyed in the study said the cybersecurity skills gap in their organization has had a direct negative impact on their companies, and 25 percent said propriety data has been lost due to this gap.
"A shortage of people with cybersecurity skills results in direct damage to companies, including the loss of proprietary data and IP [intellectual property]," James A. Lewis, senior vice president and director of the Strategic Technologies Program at CSIS, said in a statement. "This is a global problem; a majority of respondents in all countries surveyed could link their workforce shortage to damage to their organization."
So what can businesses do to solve the growing talent shortage? Here are a few tips from the experts. [See Related Story: Cyberattack Risks Remain a Threat to Businesses Despite Insurance]
Set high standards for cybersecurity jobs. In the study, which surveyed 775 IT professionals in eightcountries, nearly half of respondents cited a lack of training or qualifications as major concerns. It should not be easy to land a job in such a complex field; the report recommended redefining the minimum credentials for entry-level jobs and looking carefully at a candidate's experience and skill set.
Not sure what to look for in your candidates? Our sister site Tom's IT Pro has outlined the best IT certifications for 2016.
Provide additional training and education opportunities. Only 23 percent of the survey respondents said that traditional IT education programs are preparing students well enough to succeed. Hands-on training, gaming and technology exercises and hackathons may actually be a better educational resources, according to the report.
"To address this workforce crisis, we need to foster new education models, accelerate the availability of training opportunities, and we need to deliver deeper automation so that talent is put to its best use on the frontline," said Chris Young, senior vice president and general manager of Intel Security Group.
Expand the industry. Respondents revealed that an average of 15 percent of cybersecurity positions in their company will not be occupied by 2020. The report calls for diversification of the cybersecurity field, as more than three-quarters of respondents said their governments are not investing enough in building cybersecurity talent.
Invest in the right technology. One way to help bridge the workforce skills gap is to look into intelligent security automation, said the report. Intel and CSIS advised using this type of technology to collect cyberattack data and develop better metrics to identify threats.
For more information and recommendations, read the full report.