The Catch-22 that has affected the cybersecurity profession since its inception remains a serious problem, according to a newly released report. To get a job in cybersecurity, many organizations require hands-on experience, but gaining that experience requires having a previous cybersecurity position in the first place.
This conundrum is a challenge cybersecurity talent is fighting to overcome. The report is based on a study of 327 cybersecurity professionals in late 2019 and early 2020 by the Enterprise Strategy Group (ESG) for the Information Systems Security Association (ISSA). The findings underscore the need for more training and certification, and more creative approaches by hiring managers to find talent in unexpected places.
“There is a continuous lack of training, career development, and long-term planning. As a result, cybersecurity professionals often muddle through their careers with little direction, jumping from job to job and enhancing their skillsets on the fly rather than in any systematic way. This, combined with the continued cybersecurity skills shortage, has stalled cybersecurity progress,” the report says.
According to the report, cybersecurity skills have deteriorated for four consecutive years, putting at risk the operations of 70% of the organizations represented in the study. The issue, according to the study, is a combination of lack of training and the skills gap, which by (ISC)²'s estimate requires more than 4 million additional cybersecurity staffers worldwide.
However, (ISC)² research also paints a much less grim picture of the career satisfaction levels cybersecurity professionals report. According to the catch cybersecurity experience remains problem
