Security Talent Shortage Hurts Business

Karen A. Frenkel Avatar

Updated on:

Security Talent Shortage Hurts Business

Security Talent Shortage Hurts BusinessSecurity Talent Shortage Hurts Business

Organizations with few full-time security experts pay three times more to recover from a cyber-attack than businesses with in-house experts.

Cyber- Security Talent ShortageCyber- Security Talent Shortage

48% of the businesses surveyed admitted that there is a shortage of cyber-security talent, and 46% reported a growing demand for more of these specialists.

Protecting Business AssetsProtecting Business Assets

33% of the businesses said improving specialist security expertise is one of the top three drivers for an additional investment in IT security.

Cyber- Attacks Are ExpensiveCyber- Attacks Are Expensive

Large enterprises with few full-time security experts pay almost three times more to recover from a cyber-attack than those with in-house expertise: $1.2 million to $1.47 million versus $100,000-$500,000.

Costs of External HelpCosts of External Help

A significant portion of cyber-attack recovery costs is used for additional wages for hiring external expert help. The average cost: $126,000 for enterprises and $14,000 for small businesses.

More Full-Time Security ExpertsMore Full-Time Security Experts

69% of companies expect an increase in the number of full-time security expert, and 19% expect a significant increase.

Attacks That Spur Security HiringAttacks That Spur Security Hiring

POS exploits: 46%, Zero day exploits: 41%, Hactivist activities: 38%, DDoS attacks: 37%, Third-party cloud breaches: 37%,

Security EducationSecurity Education

Higher education is needed to fulfill the demand for more security experts, but there’s also a call for changes in the security industry. One solution is to aid universities with relevant experience.

Sharing IntelligenceSharing Intelligence

Another solution involves sharing intelligence with corporate customers in the form of threat data feeds, security training, and services to develop strategic security in the wake of advanced threats.

From Prevention to Detection and ResponseFrom Prevention to Detection and Response

Businesses tend to focus on prevention technologies and pay less attention to threat detection and response. But in three years, companies expect to invest 60% of their IT budgets on protection approaches beyond prevention.

RecommendationsRecommendations

The report recommends building new security solutions with intelligence in mind and ensuring that new findings about the evolving threat landscape are shared with everyone involved.

Karen A. Frenkel Avatar