The Cyber Talent Gap and Cybersecurity Professionalizing

The Cyber Talent Gap and Cybersecurity Professionalizing

Calvin Nobles (University of Maryland University College, Adelphi, USA)
DOI: 10.4018/IJHIoT.2018010104

Abstract

Two significant issues loom throughout the cybersecurity domain. The first is the shortage of cybersecurity professionals and the second quandary is the lack of minimum entry standards in cybersecurity. Some organizations' cybersecurity operations are suffering due to the cybersecurity talent gap accompanied by the increasing sophistication and number of cyber-attack attempts. The shortage of cyber talent is rampant in private entities as in public agencies, which highlights the resolve for entry standards into cybersecurity to enhance the professionalization. Researchers and practitioners provide countless recommendations for ameliorating the cybersecurity workforce by addressing the professionalization issue. Professional associations are the nexus of cybersecurity and possess the expertise, leadership, and sustenance to spearhead efforts to develop national-level strategies to resolve the talent gap and establish professionalization standards.
Article Preview

Introduction

There is no doubt that the cybersecurity talent gap is taking a toll on private and public organizations as researchers assert that in 2017 there was a shortage of two million cybersecurity professions (Zantua, Dupuis, & Endicott-Popovsky, 2015). There is a multitude of surveys, reports, and studies indicating a shortage of cybersecurity professionals, which is a global problem, inciting extensive recruitment projects and academic partnerships to increase the number of cybersecurity professionals (Cobb, 2016). The tumultuous cybersecurity threat environment coupled with the mounting cost of cybercrime is forecasting a cost of $400B a year (Spidalieri, 2016). The continuous development of new technology encourages malicious actors to engage in nefarious activities, which increases uncertainty in cybersecurity (Cobb, 2016; Dutta, Geiger, & Lanvin, 2015; Keely, 2017; Spidalieri, 2016). Keely (2017) indicates that phishing, spearphishing, ransomware attacks, social engineering, and malware are primary threat vectors used by malicious cyber actors. Organizations are struggling to find the correct balance between technology, processes, and people as malicious cyber actors have the strategic advantage in executing attacks because cybersecurity defense continues as a reactive mechanism to nefarious activities (Henshel, Cains, Hoffman, & Kelley, 2015). Organizations suffer from the shortage of cybersecurity professionals, technological vulnerabilities and dependency, and increasing response times between the attack and initial response (Spidalieri, 2016). Cobb (2016) asserts that the shortage of cybersecurity professionals globally could exceed one million; consequently, resulting in the weakening of security preparedness and distrust in information security capabilities. According to Cobb (2016), the uncertainty surrounding the cybersecurity professional shortage requires empirical research to assess the problems holistically. Professional associations are centrally positioned within the cybersecurity nexus to lead and strategically identify critical skills shortages, the professionalization of cybersecurity, discover innovative pipelines, and compose an accurate assessment of the talent shortage. The purpose of this paper is to discuss the significant role of professional associations in addressing the talent shortage in cybersecurity.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 3: 2 Issues (2019): Forthcoming, Available for Pre-Order
Volume 2: 2 Issues (2018)
Volume 1: 2 Issues (2017)
View Complete Journal Contents Listing