Information technology and its use have transformed every aspect of society. In today’s digital economy, every company requires effective security to protect their information. Security breaches mean lost intellectual property, compromised customer information, and reduced customer confidence. These are critical considerations as organizations become more agile and try to grow their business models to leverage evolving trends of mobility, cloud and digitization.
The number of connected devices alone is expected to grow to 50 billion sensors, objects, and other connected “things” by the year 2020. With this, the number and type of attack vectors will increase, as will the amount of data, creating a daunting challenge for companies and those responsible for defending the infrastructure.
Cybersecurity has expanded from just focusing on building secure technology perimeters, to now also working with business management to reduce security risks – as well as detecting, responding to, investigating and handling security events when they occur. As a result, security is not a point-in-time component, but rather, it must be a part of every deployment, every development and every decision.
In order to deal with risk, security needs to be embedded within every business process, rather than viewed as a separate silo. Technology professionals and business professionals need to work together to understand business risk and its relation to security.
That’s why we are incorporating security into so many of our IT certifications – not just the specific security ones. Security now also extends to manufacturing networks and the Internet of Things, for instance, in addition to applications (such as collaboration) and infrastructure (both wired and wireless).
But what about the skills gap?
Security is rapidly becoming an integral part of any sort of deployment, and this awareness is coming in earlier in the process, though often, not early enough. In order to enable organizations tackle security challenges, they are facing a fundamental problem – the skills gap. In fact, the Cisco Annual Security Report has found there’s a shortage of more than a million security professionals across the globe.
Part of the problem is that so many people don’t know how to get started in security in the first place. Individuals pursuing security careers traditionally have needed to have expertise in networking, and have a programming language or an operating system under their belt before they can even start down the security path. So many security positions currently require 5-plus years of experience, but the question is – how does someone get that experience in the first place?
Filling the security skills gap has to start at the entry level and that’s one of the things Learning@Cisco is working hard on – evolving and developing our CCNA Security curriculum, as well as our cybersecurity specialist certification for instance. We’re trying to ease the starting point and make it easier for people who have the desire and interest to pursue security careers and are looking for a way to get started.
The security skills on-ramp must be made easier to access. By doing this, we will go a long way toward closing the skills gap – and in turn, opening new career doors for IT professionals and improving organizations’ security posture.