<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=76180&amp;fmt=gif">

RoundTower Blog

My $0.02 on the shortage of qualified Information Security professionals


This morning I shared an article from a group I follow, Dark Reading, discussing the skills most in demand which seem to be creating this Information Security resource shortage.  Released earlier this year, the ISACA Cybersecurity Nexus survey shows one in four organizations take six months or longer to fill priority cybersecurity positions. It went on to report that 40% of the organizations responding are receiving fewer than five applications for cybersecurity positions. "There’s definitely a talent shortage of quality information security professionals who are capable of solving emerging problems," says Lee Kushner, president of cybersecurity recruiting firm LJ Kushner & Associates. "It’s not a shortage of general skill or average skill, it’s a shortage of skills that can help companies solve their problems."

I have been thinking about this article throughout my day and have developed a working hypothesis. Unfortunately the potential ramifications of this hypothesis are not good. First, based on my experience as a cybersecurity consultant, I completely agree with Mr. Kushner on the shortage of skills necessary to help a company solve business problems but it seems to go much deeper. While speaking to my son on this topic he mentioned the high dropout rate for classes which required deductive logic and critical thinking skills when he was in college a few years back. Those classes included programming, computer science, engineering, and even architecture.

It seems, when presented with a problem with no readily apparent solution, the ability to employ imagination, basic troubleshooting skills, and critical thinking seems to be absent. It seems we have inadvertently raised an entire generation devoid of these skills by relying on an educational system which teaches "what to think" not "how to think." This generation knows how to Google for a solution someone else has previously published, they know how to contact technical support so someone else can provide a resolution to an issue, and they even know how to download a time saving app someone else has created. However, if you present a problem with no previous or readily available solution, no technical support, and no previously developed app, many resources appear to be lost as to the basic steps in developing a solution to the problem.

If my hypothesis is correct, we could be facing a future shortage of critical thinkers in more industries than just cybersecurity. This could be just the start. As I thought about the ramifications and how we got to this point I could not help but thinking about all the kids I see with their faces glued to mobile electronics. Kids no longer need to exercise their imagination because entertainment is hardlined into them 24/7. I think of regimented environments where kids are not required to develop strategies to get out of situations in which they find themselves. In addition, there is no need for problem solving because someone with a solution is only a social media post away. Lastly, consequences for one's action are those inconveniences which parents make go away.

Yes, I think we definitely have a shortage of skills which can help a company solve business problems, but if we are dependent on the next workforce generation who created a global crisis when denied access to the White House to capture a rare Pokémon, it has the potential to get a whole lot worse...

....just my $0.02

Follow Robert Hill's Pulse blog on LinkedIn: My $0.02 on the shortage of qualified Information Security professionals 

Share this Post:
« Recap of the Nutanix.Next 2017 Conference
Threat Intelligence Update: Week of January 8, 2017 »