2022 Cybersecurity Skills Gap

Is the cybersecurity workforce growing fast enough to keep up with new threats?

During the last two years, IT teams were forced to rapidly adapt to remote and hybrid work models. While the effort was challenging, the ability to adapt was a safeguard for most organizations.

Unfortunately, increases in remote and hybrid work models resulted in the expansion of the threat landscape. IT teams had to act quickly to deal with an increasingly harsh reality.

“Cybercriminals are developing attacks faster than ever. They continue to exploit the expanding attack surface of hybrid workers and IT. And they’re using advanced persistent cybercrime strategies that are more destructive and less predictable than those in the past.” —Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, FortiGuard Labs

The sudden expansion of the corporate network, where millions of employees were logging in from their unsecured home offices, led to significant spikes in malicious cyber activity. In 2021, the Fortinet Global Threat Landscape Report revealed a tenfold increase in ransomware attacks alone.

According to a new Fortinet-sponsored survey, it’s clear that many of the challenges organizations face in combating cybercrime are directly related to a lack of qualified cybersecurity professionals.

Worldwide, 80% of organizations suffered one or more breaches that they could attribute to a lack of cybersecurity skills and/or awareness.

Here are a few examples:

The survey shows that 64% of organizations experienced breaches that resulted in lost revenue and/or cost them fines during the past year. A staggering 38% of organizations reported breaches that cost them more than a million dollars (USD).

A key factor is that organizations struggle to find and retain certified cybersecurity people. Global leaders indicate that:

• 60% struggle to recruit cybersecurity talent
• 52% struggle to retain qualified people
• 67% agree that the shortage of qualified cybersecurity candidates creates additional risks for their organizations

They’re not wrong.

Organizations need qualified cybersecurity professionals now more than ever, which is why 76% of organizations indicate that their board of directors now recommends increases in IT and cybersecurity headcount.

In this report, we analyze the results from our survey to explore five central themes about why the current cybersecurity skills gap matters, and how organizations are attempting to fill it.