The need for cyber-skills is at an all-time, whether this relates to running enterprise applications, driving digital transformative change, or boosting cybersecurity applications. Yet the business world is facing a shortfall.
Internet uses has accelerated in the past year (as Google’s profits testify and as measured by traffic and transactions reaching unprecedented levels). This is a mix of general browsing and business transactions.
In terms of enterprise, online transactions increased by 39.7 percent compared to the index period in January 2020. In addition, the global conversion rate rose by 40.3 percent, a far higher figure compared with the preceding twelve-month period.
One unfortunate downside of this is a growth in the level of malicious attacks. INTERPOL Secretary-General Jürgen Stock has stated: “Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19”.
According to the International Standards Organization estimates suggest that up to 3.5 million cybersecurity jobs will remain unfilled throughout 2021.
To address this, larger businesses are developing a dual approach, consisting if upskilling those already in the cybersecurity industry, together with seeking means to entice newcomers into the sector. For smaller players, such strategies are not possible due to the investment challenges and difficulties reaching scale. This means greater reliance upon external providers.
In some areas, the public sector is working with the private sector to address the gap. An example of this, portrayed in the Harvard Business Review, is with the New York City Economic Development Corporation (NYCEDC), a partnership that is building a new generation of cyber talent in the Big Apple, using local authority support together with major corporation guidance and investment.
However, what all businesses can do is undertaken a risk assessment. Knowing what the hazards are and the risk they pose is half of the battle. From this, attempts can be made to position a baseline of controls to try and mitigate the identified risks.
Many of these risk assessment outcomes will be connected to cybersecurity. Indeed, some industry insiders are of the view that all IT positions double-up as a cybersecurity position. Hence, all IT workers have no choice other than to be involved with protecting and defending apps, data, devices, infrastructure, and people.