Skills Gap Perspectives
In a recent ESG and ISSA survey, nearly half of respondents believe that the cybersecurity skills gap is getting worse. There aren’t enough skilled individuals to keep networks secure and, at the same time, employees continue to be the weakest link in an organization’s cybersecurity posture due to the general lack of cybersecurity awareness which increases cyber risks. To better understand why the cybersecurity skills gap is top of mind for organizations and how this industry issue can be resolved, we had a digital discussion with Fortinet’s Sandra Wheatley and Rob Rashotte.
Fortinet Survey Finds Widespread Impact from Cybersecurity Skills Shortage
How is the cybersecurity skills gap impacting organizations?
Sandra: While the demand for cybersecurity professionals continues to increase, there aren’t enough skilled candidates to fill critical security roles. As a result, security teams are understaffed and strained for time, opening the door for cybercriminals and new risks to be introduced. A recent Fortinet survey found that 73% of organizations had at least one intrusion or breach over the past year that can be partially attributed to a gap in cybersecurity skills.
The cyber skills gap affects organizations worldwide and ultimately impacts the digital economy. This is why global collaborations between businesses, government and academic institutions are critical in order to truly address this issue. Recognizing this, Fortinet has a longstanding commitment to forming global partnerships to further address the cyber skills gap and advance information sharing critical to tackling today’s sophisticated threats.
As a founding member of the World Economic Forum’s (WEF) Centre for Cybersecurity and the Cyber Threat Alliance, Fortinet collaborates with global leaders from private and public sectors to deliver a response to the growing sophisticated cybersecurity threats and build new opportunities in the digital economy. Fortinet also partners with the NATO Communications and Information Agency and is a member of an expert working group within INTERPOL to further innovate and develop powerful global solutions to reduce cyber attacks worldwide.
Rob: The cybersecurity skills gap has become a much bigger issue than simply filling open job positions. It has become an enterprise risk and a top priority for CISOs. A 2019 Forbes Insight survey of over 200 CISOs that Fortinet commissioned found that talent and training constraints have a significant impact on security organizations. This concern has led more and more CISOs to incorporate employee training as part of their security strategies. CISOs are paying more attention to educating their own employees on best practices and building cybersecurity awareness in order to prevent and reduce internal threats. Regardless of an employee’s role within an organization, it is important that everyone has general cybersecurity knowledge and can detect threats.
While one common hurdle is that employees don’t have enough time for training on basic cybersecurity and cyber awareness, organizations need to look for training that delivers appropriate content without disrupting business. Which is exactly what Fortinet delivers through our Network Security Expert (NSE) Training Institute.
Recruitment struggles and related cyber risks for organizations.
In what ways is Fortinet tackling the industry’s skills gap?
Sandra: Fortinet has a history of being a learning organization through its NSE Training Institute programs and Corporate Social Responsibility (CSR) initiatives focused on closing the skills gap. Our NSE Training Institute is comprised of the Security Academy Program, Veterans Program and Certification Program.
The Security Academy Program supports more than 260 academic institutions and nonprofits globally. Through this program, Fortinet gives participants access to Fortinet’s NSE training and certification curriculum to prepare them for a career in cybersecurity. By helping to develop cyber aware individuals, Fortinet aims to create a pipeline of future security professionals that can fill critical positions.
Additionally, Fortinet’s Veterans Program helps veterans and military families develop skills, reskill, or upskill to enter a career in cybersecurity. Participants of the Veterans Program not only have access to NSE training and certification curriculum but also are provided mentoring, career coaching and are even connected to potential employers who are part of the program’s hiring ecosystem. Veterans are untapped candidates that have unique, transferrable skillsets that are very relevant to a career in cybersecurity–which is why we also collaborate with Veterans non-profits through our Security Academy Program, including Corporate America Supports You (CASY), TrainOurTroops, VetCTAP, Coding for Veterans in Canada and TechVets in the United Kingdom.
Rob: As both a technology company and a learning organization, we focus on closing the skills gap by providing training on products and solutions, as well as becoming trusted advisors for our customers and society as a whole. Fortinet strives to do this through our NSE Training Institute programs. Specifically, the Institute’s flagship NSE Certification Program has issued more than 500,000 certifications worldwide, which is a testament to the reach of our training curriculum.
Certifications play an important part in the hiring of IT and security professionals, in fact, a recent Fortinet survey found that 82% of organizations prefer to hire candidates with certifications. With its eight levels of certification, the NSE Certification Program effectively bridges the cybersecurity skills gap, from cybersecurity fundamental education courses (NSE 1-3), technical product training (NSE 4-6), advanced solution-based training (NSE 7) and the cybersecurity expert recognition (NSE 8).
Have recent events, with the scaling of remote work and the shifting of the IT landscape, impacted the cybersecurity skills gap?
Sandra: The need for cybersecurity awareness is more critical than ever as employees, students and individuals have been online from home. At the same time, for job seekers and career changers, there’s an opportunity to develop new skills, reskill or upskill to transition into a career in cybersecurity. Through Fortinet’s Corporate Social Responsibility initiatives, we’re heavily focused on creating more cybersecurity career pathways by opening up our entire NSE self-paced security training courses for free to anyone who is interested.
Rob: Over the last few months, the cyber landscape has changed dramatically. Due to the global pandemic, the number of people working from home and connecting remotely to office networks has grown exponentially. This quick change in the corporate environment has created an opportunity for cyber criminals to take advantage of the increase in online activity and the inconsistent security that many people have in their homes.
To combat the onslaught of attacks taking place, Fortinet made more than 30 advanced security courses available for free that cover topics ranging from Secure SD-WAN, public cloud security and secure access, among others. The majority of courses are from the official NSE Training Institute curriculum, which was previously available to Fortinet partners for free, but is now be open to anyone who is interested.
All these courses can be easily accessed for free, to get access please contact us today.