Skills Gap Leaves Door Open to Cyber Threats and Attacks, Fortinet Study Finds

Image suitable for illustration of a recruitment agency or talent acquisition. Abstract compass

Fortinet’s 2023 Global Cybersecurity Skills Gap Report reveals ongoing challenges related to the cybersecurity skills shortage affecting organizations worldwide.

Key findings from Fortinet’s report include:

  • The cybersecurity skills shortage has contributed to critical IT positions not being filled, which increases organizations’ cyber risks, such as breaches.
  • Cybersecurity remains a priority for boards of directors, and there is executive demand for increased IT security headcount.
  • Technology-focused certifications are highly regarded by employers, serving as validation of skill sets.
  • Organizations recognize the advantage of recruiting and retaining diverse talent to help address the skills shortage, but doing so has presented a challenge.

More Than 3 Million Cybersecurity Pros Needed

An estimated 3.14 million professionals are needed to fill the global cybersecurity workforce gap, Fortinet reports. At the same time, Fortinet found that the number of organizations experiencing five or more breaches jumped by 53% from 2021 to 2022.

One repercussion of this is that many short-staffed cybersecurity teams are burdened and strained as they try to keep up with thousands of daily threat alerts and attempt to manage disparate solutions to properly protect their organization’s devices and data.

Additionally, as a result of unfilled IT positions due to the cyber skills shortage, Fortinet found that 68% of organizations indicate they face additional cyber risks.

Talent Shortage Linked to Cyber Risks

Other findings highlighting increased cyber risks that could be partially attributed to the talent shortage include:

  • Security intrusions are increasing. 84% of organizations experiencing one or more cybersecurity intrusions in the past 12 months, up from 80% from last year.
  • More organizations were impacted financially due to breaches. Nearly 50% of organizations suffered breaches in the past 12 months that cost more than $1 million to remediate. This is up from 38% of organizations compared to Fortinet’s 2022 report.
  • Cyberattacks will continue to increase. 65% of organizations expect the number of cyberattacks to increase over the next 12 months, further compounding the need to fill crucial cyber positions.
  • The skills gap is a top concern for boards of directors. The report shows that 93% of boards are asking how the organization is protecting against cyberattacks. Also, 83% of boards are advocating for hiring more IT security staff.

Addressing the Cyber Skills Gap

The report suggests that employers recognize how training and certifications can benefit their organization in addressing the skills gap.

Highlights from the report around training include:

  • Certifications are sought after by employers. Beyond experience, employers view certifications and training as reliable validation of an individual’s skill set. 90% of business leaders preferring to hire individuals with technology-focused certification, up from 81% the year before. Additionally, 90% of respondents would pay for an employee to get a cybersecurity certification.
  • Certifications benefit both organizations and individuals. 82% of respondents indicated their organization would benefit from cybersecurity certifications. 95% of business leaders have experienced positive results from either their team or themselves being certified.
  • Not enough professionals are certified: More than 70% of respondents said it is difficult to find people with certifications.

Talent Diversity Examined

Organizations are seeking ways to tap into new talent pools to fill cybersecurity roles, with 8 out of 10 organizations having diversity goals as part of their hiring practices, according to Fortinet. Roughly 40% of organizations indicate they have difficulty finding qualified candidates who are women, military veterans, or from minority backgrounds.

Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.