Information and technology are delivering increasingly strategic benefits to enterprises today. At the same time, today’s cyber environment has become exponentially more dangerous. In the past few years, the numbers of threats, risk scenarios and vulnerabilities have grown at an alarming rate. Cybersecurity has evolved as a new field of interest, gaining political and societal attention. Governments and public-sector enterprises are engaging in cyberdefense, as well as, increasingly, offense and attack. If the world continues on this path, it is safe to say that the future expertise and responsibilities associated with cybersecurity will be essential to organizational survival and profitability.
Yet even the enterprises that recognize they need to add cybersecurity professionals to their staff face a daunting challenge—there are more job openings than there are qualified professionals. A study by Cisco estimates that close to 1 million positions for security professionals currently remain unfilled. There are several reasons for this shortage. One is that it is not a trivial task to master the knowledge required to become truly effective at threat detection and mitigation. Countering a sophisticated attack by a well-resourced adversary requires much more than a set of baseline security practices. It demands specialist security skills, intelligence-led risk assessments, street-smart education of staff and state-of-the-art forensic analysis skills. Ideal candidates are well-rounded and have a solid foundation in networking, operating systems, web technologies, incident response, and an understanding of the threat landscape and risk management.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program