2020...what year...and it's not even over yet! There's still plenty of time for awful stuff to happen to us all! I, for one, am rooting for a giant asteroid to hit us right around election time, but to be honest, I'll take what I can get...
Regardless of how crummy this year has been for pretty much...everybody...the world hasn't stopped spinning, and cybersecurity is still a thing. And what a thing it is! I just finished reading the 2020 edition of The Life and Times of Cybersecurity Professionals and thought I'd share some of the interesting facts I found. The report was published by the Enterprise Strategy Group in conjunction with the Information Systems Security Association International (ISSA) and written by Jon Oltsik.
We've featured work by Jon here before, and he's a smart, smart guy. Whenever I see his name pop up on a report or white-paper, it automatically catches my interest.
You can take a gander at the report here if you like. It's about 50 pages long, so it'll take you a while to get through. If you don't have the bandwidth, just sit back and relax and follow along with the highlights posted below.
- There's still a cybersecurity skills shortage, and it's getting worse. 70% of the ISSA members polled in the report believe their organization has been hit hard by the already prominent global cybersecurity skills shortage.
- Hands-on experience trumps certifications. Not surprising, but 52% of those polled said they'd much rather get hands-on with their work and gain the first-hand experience rather than just hold a certificate. 44% said they thought both hands-on experience and certifications were important.
- It can take years to become proficient cybersecurity professional. Talk about a need for hands-on experience, right? According to the report, 39% believed that it takes between 2 to 5 years to develop real cybersecurity proficiency, and 18% said it can take even longer. That's unsurprising considering the rate at which technology evolves, and threats are developed and released out into the wild.
- Governments and schools aren't keeping up with today's challenges. That's shocking, right? No? You must be a frequent reader of our blog then. For what felt like an eternity, we published stories of governments (municipal, state, and federal levels) and schools that were getting hammered left and right by cybercriminals. 84% of the professionals polled for the survey said that public schools/institutions weren't doing enough to protect themselves digitally.
- Cyber-criminals have the advantage. 67% of respondents believe that cyber-criminals have a big advantage over cybersecurity professionals. That's up 8% from last year's 59%.
One of the things absent from the report is the impact the Covid-19 pandemic has had on cybersecurity and the way people work as the pandemic slowly trudges on.
Covid-19 had dictated a drastic and sudden change to the way we all work (remotely). Barracuda Networks released a study back in May (that you can read here) but I'm going to post some of their findings below to help add some depth:
- 51% of responders have seen an increase in email phishing attacks since shifting to a remote working model
- 51% of respondents said their workforce is not proficient or properly-trained in the cyber risks associated with remote working
- 46% are not confident their web applications are secure
- 50% have allowed employees to use personal email addresses and personal devices to conduct company work
- 40% of respondents have cut their cybersecurity budget as a cost-saving measure to help tackle the COVID-19 crisis.
- 46% of respondents have already had one cybersecurity scare since shifting to a remote working model
- 49% fully expect to see a data breach or cybersecurity incident in the next month due to remote working
- 50% would consider making workforce reductions if it meant company data protection and security could be properly-funded
- 55% say they wouldn't have implemented remote working within the next 5 years, had it not been for the COVID-19 crisis
- 56% plan to continue widespread remote working even after the crisis is over
- 53% report that the Covid-19 crisis had made them accelerate plans for moving all their data to a 100% cloud-based model
Interesting stuff, no?
Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.