The cyber security industry is under mounting pressure. As cyber-attacks become more common and the amount of data stored online increases (not only in volume but also in sensitivity) most industries are naturally growing concerned at the exponential growth of cybercrime. A report from Ponemon Institute found that 47% of the 662 IT professionals questioned have experienced a cyber security breach within the last two years. These breaches took place in both the public and private sector across the globe.
Cyber threats are occurring across the globe. One of the largest cyber security breaches of history occurred last year in the US, when JPMorgan Chase fell victim to cybercrime. During this breach personal information such as the names, phone numbers and email addresses of 76 million households were acquired. In UK telecoms provider TalkTalk was hacked earlier this year, with bank details from thousands of customers being stolen. OKCoin, the world’s largest bitcoin exchange server, was also recently forced to suspend some of its services after experiencing a cyber attack from hackers.
Such examples only further highlight the need for all businesses to strengthen their approach to cyber security, especially firms holding personal customer details. This has led to an increase in demand for cyber security professionals and a dramatic increase in opportunities available across several industries.
A report recently released by the Identity Theft Resource Center (ITRC) revealed that the business sector has accounted for 16 million exposed records so far in 2015; the medical and healthcare sector is responsible for 120 million exposed records, and the government and military sectors are accountable for the loss of nearly 34 million records.
As a result of these high-profile cases and alarming statistics, the same Ponemon report found that intelligence sharing is swiftly becoming a popular method to help fight off such malicious attacks. This practice involves vendors, industry groups and peer-to-peer exchange programs sharing the information they have available with one another in an open and collaborative environment.
The majority of respondents said vendors were their main source of information on cyber security threats (61%), followed by peers from other companies (56%). Both platforms act as a key source of information on malicious IP addresses and URLs.
However, the ever-evolving nature of IT and cyber security means information often comes with a very short shelf-life; threats are often replaced with new threats almost immediately – 60% of respondents said some information loses its usefulness within minutes. Yet, very few IT professionals receive security threat information in real-time.
This is where the cloud could benefit IT professionals. Just as employees are utilising mobile devices and the cloud to access business information and systems, IT security professionals could also be looking to this platform to access threat details. Wolfgang Kandek, the Chief Technology Officer for Qualys, has noted that moving away from traditional enterprise systems and into the cloud will allow security professionals to respond quickly and in the most effective and appropriate manner possible.
The 2015 Global Cyber security Status report from the ISACA states that, come 2020 there will be 1.5 million unfilled cyber security roles across the globe. In order to meet these changing demands, the Asian market is investing heavily in cyber security practices and education. The US, on the other hand, is suffering from a severe lack of cyber security talent, particularly at the mid-senior level.
This is driving up salaries for CISOs (Chief Information Security Officers) who have a successful track record of implementing proven policies and procedures and building successful teams. It’s also driving demand for the security consulting market, which is now worth over $15 billion dollars and saw year-on-year growth of almost 10% in 2015. This market is dominated by Deloitte, IBM and EY.
The cyber security market is estimated to grow to $170 billion (USD) by 2020, at a Compound Annual Growth Rate (CAGR) of 9.8% from 2015 to 2020, according to a report from Markets and Markets.
So how can businesses address the cyber security skills gap? Should talent be sourced from outside the industry and transferable skills given prominence, or should appropriate training, coaching and education be put in place within an organization for talent to be trained internally from junior level? Even with a combination of these two approaches, is it a case that no matter how well prepared an organization is, the hackers and criminals will always be one step ahead?
If you’re struggling to find the talent needed to meet cyber security needs, or are seeking new opportunities in the sector, contact the Glocomms team today.
Glocomms is a leading specialist recruitment agency for the technology sector. We were founded in 2013 to give clients and candidates peace of mind that the
recruitment process is in expert hands. Our continual investment in best-in-class technologies and consultant training enables us to recruit with speed, precision and accuracy. Today, Glocomms provides contingency, retained search and project-based contract recruitment across our offices in San Francisco, New York, London and Berlin. Find out how Glocomms can help you.