Kaspersky’s study exposes the struggle faced by businesses in upskilling their cybersecurity workforce, despite significant annual investments exceeding $100,000. Challenges include a lack of relevant courses covering emerging cybersecurity domains and difficulties in retaining knowledge due to limited practical application opportunities.
26 March 2024 – A recent study by Kaspersky has shed light on the formidable challenges faced by businesses in upskilling their cybersecurity workforce. The research uncovered that over 70% of businesses globally invest more than $100,000 annually in additional training to keep their cybersecurity professionals updated with the latest skills. Despite these substantial investments, many companies lament the lack of relevant courses covering emerging cybersecurity domains, with 39% of professionals feeling that corporate training falls short.
The study, titled ‘The Portrait of the Modern Information Security Professional,’ delves into the global cybersecurity staff shortage, dissecting the reasons behind the scarcity of cybersecurity experts and examining how businesses evaluate and enhance the skills of their cybersecurity workforce. Notably, the research found that 43% of organizations typically allocate between $100,000 and $200,000 yearly for information security courses, while 31% invest over $200,000. However, a significant portion (26%) spends less than $100,000 on educational initiatives.
Despite the considerable investment, cybersecurity practitioners express dissatisfaction with the educational market’s ability to keep pace with the rapidly evolving industry. Nearly half (49%) of respondents cited the scarcity of courses covering new challenging spheres as a primary obstacle in accessing cybersecurity training. Additionally, 47% noted that trainees often struggle to retain newly acquired knowledge due to a lack of practical application opportunities, while 45% face challenges related to unspecified pre-requisites such as coding and advanced mathematics.
Veniamin Levtsov, VP at Kaspersky, emphasizes the importance of continually improving cybersecurity personnel’s skills to counter sophisticated cyber threats effectively. Levtsov suggests that organizations focus on developing high-profile specialists internally to foster professional growth and enhance cybersecurity resilience, rather than perpetually seeking external candidates.
To address these challenges and effectively upskill cybersecurity teams, Kaspersky experts recommend investing in quality cybersecurity courses tailored to the latest threats, utilizing interactive simulators to assess critical thinking in real-world scenarios, and providing comprehensive threat intelligence to bolster incident management capabilities.