By Kevin Simzer
Among the headline-grabbing reports of election hacking, nation-state raids on utilities firms, and mega-data breaches, few outside the industry ask the question: Did the cybersecurity skills shortage play a part? It’s impossible to say for sure. However, what we do know is that chronic industry skills gaps are putting organizations across the globe at risk. Tackling the problem will require urgent action from governments, academia and business.
That’s why Trend Micro is proud to be doing its part via two seemingly disparate but connected strands. We’re improving and expanding the quality of our threat research to maximize the ability of IT to defend against attacks, and we’re also investing in new events and training centers to bring much-needed talent into the pipeline.
A looming crisis
The skills challenge facing the industry is nothing short of a crisis. Some estimates claimed there was a shortfall of 350,000 US professionals in 2017, with a global shortage of talent predicted to reach a massive 1.8 million by 2022. As more industry professionals retire, and more threats are introduced daily, there simply aren’t enough new professionals coming into the industry to keep pace. How have we let this situation come about?
It’s the unfortunate by-product of multiple factors. Much of it is rooted in the preference of many students, at least in the West, for arts subjects at school. It’s been exacerbated by our inability as an industry to positively brand ourselves to folks outside our industry. You can have a wonderful, fulfilling, exciting and well-remunerated career in cybersecurity — we just need to get the word out. It’s particularly important to communicate better with female students, many of whom still view the industry as a geeky, male-dominated profession. Addressing the gender imbalance in cyber is a vital part of our efforts to alleviate the overall skills shortage.
As our reliance on digital technologies grows, and cybercriminals get hold of new technologies like AI, the skills crisis will only become more acute. To fight back we need to approach the challenge from different angles.
What we’re doing
That’s why at Black Hat this year Trend Micro is delighted to be announcing some new initiatives we hope will have an impact.
First, we’re improving the threat intelligence available to security professionals using our products, to help them more accurately identify risk and prioritize threats. The integrated power of vulnerability research feeds from the Zero Day Initiative (ZDI) and Telus Security Labs will offer better protection than ever before. Trend Micro blocked nearly 66.5bn threats last year and the combined strength of these feeds will maximize the capabilities of our connected threat defense engine going forward. Blocking this volume of threats before they reach the enterprise is good news for under pressure security professionals as it means they have more time to focus on more strategic tasks.
Second, we’re announcing our fourth global Capture the Flag competition, inviting teams from around the world to demonstrate their skills and challenge themselves in a variety of critical cybersecurity areas, including targeted attacks, IoT and industrial control system protection. It’s all about developing these crucial skills among young professionals and raising awareness across the board about cyber as a possible career move.
On that note, Trend Micro has six global centers designed to recruit and train up new security professionals. Crucially, we recruit from all walks of life — you don’t need cybersecurity experience to join us. We believe that many of those who will do best in the industry may not have accreditations or sector-specific experience, but rather an intellectual curiosity, a desire to find out how things work, and an ability to think like a hacker.
It’s a travesty that many of these highly capable professionals are passed over because they may not tick the right boxes on a recruiting paper. As an industry, we need to think outside those boxes if we’re going to make inroads into the global cybersecurity skills shortage. At Trend Micro, we’re glad to be playing our part.