The scarcity of cybersecurity professionals is a growing concern for organizations worldwide. Various factors, including the global shift to remote work, the proliferation of cybersecurity tools and services, a never-ending barrage of cyberattacks, and burnout among existing professionals, have exacerbated the cybersecurity skill shortage.
This shortage in talent poses a significant risk for organizations, with many unable to fill critical cybersecurity positions. According to Clar Rosso, the CEO of ISC2, whose company is responsible for certifying cybersecurity professionals, there are five million filled positions around the globe, which is an 8.5 percent increase over 2022. That’s the encouraging news. However, there are 4.5 million unfilled cybersecurity positions, and this category of open positions is growing faster than the growth in certified professionals.
“We found that when organizations do not have enough cybersecurity staff, they basically are not doing the basics. They are not patching their critical systems in timely ways. They're misconfiguring systems. They're not actively scanning their threat landscape,” Rosso said. “We're just waiting for something to happen for every organization. Nobody's not vulnerable.”
The need to grow the cyber workforce and prepare for the next generation of professionals is dire. So, what can be done?
Widening the Cybersecurity Talent Pool
Sophos is partnering with Boise State University’s Institute for Pervasive Cybersecurity to train a future workforce of cyber analysts to adapt to and protect against dynamic cyber threats. Sophos will provide the institute access to Sophos’ endpoint security offerings so that IT students get hands-on experience in real-world environments, providing critically needed cybersecurity to rural K-12 school districts, counties, and cities throughout Idaho.
Sophos Intercept X with XDR (extended detection and response) will be used by students to monitor client assets, detect threats from cyber adversaries, and report to clients on possible avenues of exploitation. This will allow organizations in smaller, local communities that aren’t immune to attacks to get the frontline protection, detection, and response they need, just like any other business worldwide.
The Sophos and Boise State University partnership is one step toward closing the worldwide cybersecurity skills gap and equipping the next generation of the cybersecurity workforce with the skills needed to defend against data breaches, ransomware, and other cyberattacks.