Why Recruiting Cybersecurity Talent Is Like Looking for a Needle in a Haystack
Enterprises looking to beef up their cyber resilience face major challenges in on-boarding cybersecurity professionals due to a huge shortage of skilled resources in the market. According to industry reports, the number of unfulfilled security roles is expected to cross 1.5 million by 2022. It is projected to get worse in the future.
Compounding the problem for CISOs are the challenges with existing cybersecurity staff, who face high levels of job-related stress and burnout, due to daunting workloads along with long hours of work.
How do newly minted cybersecurity graduates stack up?
A cybersecurity engineer is expected to have core skills in network technologies, Linux and Windows operating systems, computer architectures, common exploitation techniques, cryptography, and virtualization. Some knowledge in creating automation scripts is essential as well.
SAN Institute did a survey of over 500 cybersecurity practitioners to identify the skills most lacking in job candidates and the results are alarming.
|Skill area||Percent of cybersecurity job candidates who were unable to perform even basic tasks||Percent of cybersecurity job candidates who demonstrated hands-on mastery|
|Common exploitation tachniques||66%||4.5%|
|Data and cryptography||30%||2%|
The cybersecurity training industry needs to evolve and focus more on providing hands-on training in virtual labs or cyber ranges to build real-world skills relevant to business. Industry certifications need to go hand-in-hand with practical, real-world skills needed for the job.
Red hot jobs in Security Operations
The Security Operations team is responsible for ensuring that the operations of a company’s digital infrastructure remain cyber resilient. Some of the highest-paying jobs are in security operations, as skills availability is an ongoing challenge.
In demand are Red Team roles, which include web and mobile penetration testing, exploit development, and reverse engineering. Key Blue Team roles in demand include threat hunting, incident handling and response, malware analysis, and digital forensics.
Although Red Team roles have a halo around them, the Blue Team roles are where you can find the majority of the jobs in security operations.
Specialized training and certifications for Red and Blue Team roles are highly valued in industry and are worth the investment.
Check out our elite Red and Blue Team training courses and certifications here.