Connect with us

Hi, what are you looking for?

HEADLINES

The financial impact of the shortage in IT security experts on businesses

Large businesses that struggle to attract sufficiently skilled IT security experts end up paying up to three times more to recover from a cybersecurity incident. This is one of the key findings of a recent report prepared by Kaspersky Lab, based on the experience of company experts and data from the 2016 Corporate IT Security Risks survey. 

Besides the measurable budget impact, a significant share of businesses is observing a growth in wages, a general shortage in expert availability, and the need for more specialists in the field.

Technical expertise and beyond

Citing complexity of IT infrastructure, compliance requirements and the overall desire to protect business assets, companies are highly motivated to grow their security intelligence. In fact, for a third of businesses, the improvement of specialist security expertise is one of the top three drivers for an additional investment in IT Security.

Advertisement. Scroll to continue reading.

The growing demand is not easy to fulfill due to a lack of available specialists and increasingly complex requirements. Kaspersky Lab employs hundreds of security professionals, and the company’s own recruitment managers report that on average, only one applicant out of forty, meets the strict criteria for an expert position.

But the challenge is not limited to technical know-how. The report quotes Kaspersky Lab’s security experts, who indicate that the need for security managers is even more substantial.

On top of deep technical knowledge, managers’ duties include communication with top management and overseeing the overall strategy – qualities that are especially important, and in fact, more appropriate, for large companies.

The report adds a final touch to the bigger picture of talent shortage with education challenges. Success in IT security requires a certain degree of passion for this particular IT field, willingness to constantly self-educate, and the ability to adapt to an ever-changing threat landscape.

Higher education institutions recognize the need revise their programs, and at the same time acknowledge the challenge of embedding security-oriented thinking into a wide variety of IT courses.

Advertisement. Scroll to continue reading.

A call to action for the security industry

Overall, 68.5% of companies expect an increase in the number of full-time security experts, with 18.9% expecting a significant increase in headcount. Higher education is an important part of fulfilling such a demand, but this is also a call for a change within the security industry itself.

One of the solutions is to aid universities with relevant experience. Another, and very important in the long term, is to adapt R&D efforts towards the effective sharing of intelligence with corporate customers in the form of threat data feeds, security training and services.

A proper combination of security solutions and intelligence is what helps corporate security teams to spend less time on regular cybersecurity incidents and focus on strategic security development and advanced threats. The report provides an example of such vision from Kaspersky Lab’s business experience.

“In this evolving industry the relationship with our customers already goes beyond the shipment of a technology or a product. We need to provide them with the skills and training required to identify on-going attacks. Detailed knowledge about attacks on other businesses, in the form of intelligence reports, is also necessary, along with actionable, machine-readable data about on-going threats. Solving the different challenges of threat prevention, the detection of targeted attacks, incident response and prediction requires a lot of flexibility,” comments Veniamin Levtsov, Vice President, Enterprise Business at Kaspersky Lab.

Advertisement. Scroll to continue reading.

“As a security vendor we are dedicated to increasing the quality and size of the expert security workforce around the world. Among many projects to support this initiative we are developing IT Security Fundamentals – an educational course that will hopefully help more IT professionals to start their journey in the field of security expertise,” adds Levtsov.

The full report titled “Lack of security talent: an unexpected threat to corporate cybersafety” is available at Kaspersky Lab’s website here.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

Advertisement