"Considering the recent high-profile threats that have been attributed to unpatched systems, it's no wonder respondents are concerned that a technical skills gap could leave their organizations exposed to new vulnerabilities. I'm encouraged to see that respondents are prioritizing skills for foundational security controls, such as vulnerability management and network monitoring, when they're hiring."Teams also voiced their intention to keep up with the advancement of the cloud, the Internet of Things (IoT), and DevOps. Eighty-eight percent said they expect the need for expertise in the cloud to increase, while 77 percent indicated a growing demand for IoT expertise as well as for DevOps. Most security teams disclosed they might turn to outside help to satisfy this need. Ninety-seven percent said technology vendors can help address the skills gap, so it's not surprising that 91 percent of respondents revealed they will outsource security skills to help address the technical skills gap. Erlin thinks that's a logical move:
"Growing adoption of cloud, IoT, and DevOps brings about new challenges that security teams will need to keep up with, and if organizations want to bridge a technical skills gap, they should look to work with security vendors and managed security providers who can help them address today's major attack types while also offering training to their existing IT teams. As security continues to become an even bigger challenge for organizations, we can expect to see more and more businesses outsource to gain security expertise in the future."In earlier posts, we covered the need for more women in cybersecurity and a blended training/education approach for closing the gap on technical skills. How do you think the industry can build a better funnel of technically adequate cybersecurity professionals? What else should security teams be considering? Please let me know in the comments!