Fortinet has released its 2023 Global Cybersecurity Skills Gap Report, revealing the ongoing challenges related to the cybersecurity skills shortage affecting organisations worldwide.
The survey included 1,800 IT and/or cybersecurity decision-makers from 29 different locations and industry backgrounds, including technology, manufacturing and financial services.
The cybersecurity skills shortage
Fortinet estimates that 3.4 million professionals are needed to fill the global cybersecurity workforce gap. The report also found that the number of organisations experiencing five or more breaches grew by 53% over the 2021-2022 period.
Of course, this means added strain on the already burdened cybersecurity workforce attempting to maintain their organisation's security against thousands of daily threat alerts with insufficient staff.
This is exemplified by the report showing that 68% of organisations indicated that they face additional cyber risks.
However, there are multiple areas of concern that could also be attributed to the workforce shortage. For example, 84% of organisations have experienced one or more cybersecurity intrusions in the past year, up from 80% last year. Of those breaches, nearly 50% cost more than USD $1 million to remediate, up from 38% compared to the previous year's report.
The statistics the report reveals are concerning, but more so when considering that Fortinet reports that 65% of organisations expect the number of cyberattacks to increase over the next year.
Organisations will need to increase and diversify their cybersecurity teams if they are going to cope with what is projected, and boards of organisations are in agreement. 93% of boards are asking how their organisation is protecting against cyberattacks, with 83% of boards advocating for hiring more cybersecurity professionals.
The need for certified cybersecurity teams
Fortinet's report also suggested that organisations recognise the need for training and certification to help address the skills gap. Employers want employees with certifications and training as they validate an individual's skill set.
90% of business leaders prefer hiring individuals with technology-focused certifications, up from 81% in the previous year. Even more, 90% of respondents would pay for an employee to get a cybersecurity certification.
The report also found that 82% of respondents believed their organisation would benefit from certified cybersecurity staff, with 95% of business leaders experiencing positive results from either their team or themselves being certified.
However, while certifications are highly regarded, more than 70% of respondents said finding people with certifications is difficult.
Could diversification be the answer?
Fortinet's report showed that organisations are seeking ways to fill the shortages they are experiencing, with 80% of organisations employing diversity goals as part of their hiring practices. However, roughly 40% of organisations also indicated difficulty finding qualified candidates who are women, military veterans, or from minority backgrounds.
The number of organisations that indicated they hired military veterans also dropped from 53% in 2021 to 47% in 2022. As for hiring women and minorities, there has been a minimal increase in both demographics, with 89% of organisations hiring women in 2022, up from 88% in 2021, and 68% of organisations hiring minorities in 2022, up from 67% in 2021.
Fortinet's commitment to closing the skills gap
To support organisations through this challenging period and skills shortage, Fortinet has pledged to train one million people in cybersecurity by 2026 to help increase access to security professionals and untapped talent pools looking to upskill and reskill.