Concerns around the cyber talent shortage override economic uncertainty

Insufficient staff is the top (51%) concern for CISOs when asked which factors most affect their ability to deliver against their objectives.

  • 2 months ago Posted in

The tenth annual Information Security Maturity Report published by ClubCISO in collaboration with Telstra Purple, finds that CISOs are continuing to hire despite widescale economic uncertainty and increasingly looking to diverse pools of talent to make up an urgent shortfall of talent on the global stage.

Informed by a survey of security leaders across public and private sector organisations around the world, the report emphasises how navigating the talent shortage is at the top of the agenda for security leaders.

Insufficient staff numbers posed one of the greatest challenges for industry leaders in achieving their objectives. In stark contrast to other functions in the IT sectors, more than half (52%) of CISOs said that they expect to expand their team this year and only 5% anticipated a down-sizing. The next biggest concern for respondents was the culture of the organisation (31%), highlighting that people/cultural challenges are still considered more impactful on the ability to deliver against objectives than macro challenges such as budgets (29%), the supply chain (25%), and the economic downturn (22%).

In growing their teams, security leaders also recognised optimal ways in which to do so, with the majority placing emphasis on diverse recruitment and ensuring equal access to opportunities. Asked about the value of diversity, most CISOs (78%) said they believed that it is beneficial to bring different perspectives into the business, while improving culture (54%) and fostering greater innovation (48%) were the next most common reasons.

With social engineering still the leading cause of material breaches over the last year (accounting for 38% of reported material breaches, and higher than any other attack vector), CISOs agree that recruiting diverse teams with a range of perspectives and experience could significantly help.

ClubCISO Advisory Board Member, Kevin Fielder, commented, “In security teams, it’s encouraging to see diversity being viewed as an opportunity, and something that needs to be pursued actively to meet the challenges we face going forward. The report highlighted real ingenuity from CISOs who are now looking at diversity from a range of vectors including cultural, racial, educational and professionally diverse backgrounds.”

While the vast majority (84%) of respondents feel confident or very confident that their organisation has a strategy in place to offer equality of opportunities for candidates, there is a wider spread of opinions on how best to actually recruit these diverse teams. CISOs are hiring most from culturally/racially diverse backgrounds (60%), but the next highest-scoring strategy was recruiting from educationally diverse backgrounds (48%). Recruiting candidates from professionally diverse backgrounds was almost as common (47%) but focusing on gender diversity is rarer, with only 36% giving it specific focus.

Rob Robinson, Head of Telstra Purple EMEA, sponsors of the ClubCISO community, said, “Over the past ten years, the ClubCISO report has been a vital barometer for the security industry and the CISOs navigating it. While security maturity continues to evolve and material breaches are down, the industry now faces a talent crossroads with personnel concerns outweighing purely financial constraints. CISOs are recognising the intrinsic value of diverse talent and taking a leadership role in recruiting from non-traditional areas”.

IT channel partners selling managed services are poised for robust growth in 2023, with a new forecast predicting global expansion of 12.7 percent, up from US$419 billion in 2022.
Combining digital and industrial data, Hitachi Vantara helps customers intelligently assess IT systems and OT processes for a more energy-efficient future.
Immersive Labs has unveiled the expansion of its enterprise-class, AI-ready platform, now with coverage across the entire organisation through its new Workforce Exercising solution.
Automation is helping teams improve software quality and reduce costs, yet organizations have only automated 56% of their DevOps lifecycle.
87% of organizations allocated budgets to update network tools for remote and hybrid users, but only 32% have been successful in doing so.
33% of businesses have insufficient financial resources to innovate.
Skill shortages are stifling the IT industry’s growth, with the majority of IT businesses (92%) feeling there’s a significant gap between the skills held by their current workforce and those needed to meet business objectives.
Hornetsecurity’s essential guide to Microsoft 365 will assist companies with navigating M365 and successfully transitioning to the cloud.