Security leaders for years have been talking about the shortage of skills to address cybersecurity threats. A study by RAND Corporation in 2014 showed that there is a nationwide shortage of cybersecurity experts. The study also showed that the shortage of experts is in the federal government, and this creates a threat for homeland and national security.
Lead author of the study, Martin Libicki, stated that the shortage is a huge supply-and-demand problem, and due to the rise in incidents, the awareness about the vulnerability is also increasing along with the need for professionals to counter the attacks. Hiring and training new cybersecurity professionals is a time-consuming process making it a significant drawback.
Secure Code Warrior CEO and Co-Founder, Pieter Danhieux, urges that the shortage of skills can be used as an opportunity to empower developers to learn code securely. Rapid digitalization is producing a massive amount of codes, so this gives rise to vulnerabilities, and the industry ultimately will struggle to meet these demands. Leaders must be more conscious because the attackers need only a small gap to orchestra the attacks. Upskilling and retention are important because a security-aware developer is much better than an average developer. Instead of being dependent on SaaS for protection, organizations must allow their developers to engage in the learning process.