What a Shortage of Security Experts Means for Our World

It’s estimated that there will be a global shortage of 2 million cyber security experts as soon as next year, 2019, as predicted by ISACA. As one of the most important industries in our growing digital world, we take this shortage very seriously. Read on to learn more about what this means for you, businesses and the world if this shortage continues to grow.

Currently Employed Experts Will Be Less Effective

In 2018, ESG reported that 51 percent of organizations have a problematic shortage of cybersecurity skills, up from 45 percent in 2017. What’s worse, the ESG also reported that 63 percent of cyber security professionals feel they are not receiving adequate training from their employer. What does all this mean?

“The cybersecurity skills shortage has multiple implications. Organizations don’t have the right sized teams and operate in a perpetually understaffed mode. Often, the cybersecurity team lacks some advanced skills in areas like security analytics, forensic investigations, or cloud computing security, putting more pressure on the most experienced staffers to pick up the slack,” explains Jon Olstick, ESG Senior Principal Analyst.

Current Security Experts Won’t Be Able to Keep Up

With a lack of skills and senior staff picking up the extra work, 22 percent of organizations report that their cybersecurity team is not large enough for the size of their organization, leaving security teams in the weeds. As the skills and employment gap grows, these likely burned out employees will only have a harder time keeping up. This means data and the consumers and businesses who are tied to it continue to be vulnerable.

Businesses Will Continue to Lose Money

With defenses down, businesses continue to be hit with malware, which is costly. In fact, 29% of breached organizations lost revenue according to 2017 data from Cisco: 62 percent lost less than 20 percent, while 8 percent lost 60–100 percent. This financial impact is the result of a number of breach-related issues:

  • 45 percent of organizations experience 1–8 hours of down time from a breach, with 15 percent experiencing 9–16 hours of down time.
  • 41 percent of organizations see 11–30 percent of their systems affected, with 24 percent having up to 50 percent impacted.
  • 61 percent of companies lost less than 20 percent of customers due to a breach, while 21 percent lost 20 to 40 percent.

Fixing systems, dealing with down time and re-building a customer base is costly and time-consuming, all of which drive significant revenue loss.

Personal Information Will Continue to be Stolen

As if the $16 billion stolen from 15.4 million U.S. consumers in 2016 wasn’t enough, according to the Insurance Information Institute, the numbers continue to grow. Another 145 million people were affected by the Equifax breach in 2017 — and that was just one of the many massive breaches to occur last year.

While there are a number of issues that lead to these attacks, one issue is the value of this information on places like the black market — which means hackers have financial incentive to exploit it and not enough security to stop them. Experian’s 2017 research found the cost of the following items on the dark web:

  • Social security number: $1
  • Credit or debit card with bank info: $15
  • Drivers license: $20
  • Online payment services login: $20-$200
  • Passports: $1,000-$2,000

Jobs Will Continue to Go Unfilled

Despite the need for these experts, 40,000 cyber analyst jobs go unfilled each year in the U.S., and employers can barely manage to fill the other 200,000 cyber-security related positions, as reported by CyberSeek. Not to mention, female infosec experts make up just 11 percent of the industry. Unless the female sector of talent is tapped or other means of increasing the talent pool are taken, it stands to reason that these jobs will continue to go unfilled.

Where PolySwarm Comes In

The PolySwarm market is what will bridge the cybersecurity labor market gap that is leaving organizations increasingly at risk and subject to more and more costly security breaches. In providing a solution to this global dilemma of skill shortage, PolySwarm will:

  • Give organizations around the world the marketplace wherein they can access a global network of security experts that will supplement their internal security and IT teams, making them stronger in the face of growing cyber threats.
  • Provide an active marketplace for cyber security experts around the world to capitalize on their expertise, with their micro-engines working on countless artifacts every day.
  • Incentivize security experts in this competitive prediction market to further develop their area of expertise and aim to innovate.
  • Yield the first publicly-accessible ledger containing information on the accuracy of malware detection. Access to this information will give security experts tools to learn, which may help counteract the lack of training by employers.

All of this will happen while participants within the PolySwarm network work together to provide broader, more accurate threat intelligence for everyone. Learn more about how security experts will interact within the network in our recent video:

Don’t forget to check out the SlideShare just made for this awesome post too! If you have a SlideShare account, you’ll want to clip slide #2!