Fortinet Cyber Survey Shows Global Scope of Skills Gap

Fortinet’s has released a study that has revealed some telling, if not predictable findings: the cyber skills gap that the sector is struggling with, is global.

The 2024 Global Cybersecurity Skills Gap Report, based on a survey of over 1,850 IT and cybersecurity decision-makers from 29 countries including the UAE, serves as a crucial wake-up call for organisations worldwide. 

This inclusion of  large organisations in the UAE, however, highlights the seriousness of the problem. UAE has long been an attractive place for workers looking to take advantage of higher salaries and lower taxes. 

Equally, UAE firms have boosted cybersecurity budgets by 35%, compared to maximum 30% global, to beat AI-powered ransomware attacks. 

Yet, the Fortinet findings revealed close to 58% of IT decision-makers cited the lack of training and upskilling opportunities as being their biggest challenge.

“The findings from our 2024 Cybersecurity Skills Gap Report highlight a critical issue facing organisations in the United Arab Emirates,” says Alain Penel, VP – Middle East, Turkey and CIS, at Fortinet.

Issues at hand

The report revealed nearly 90% of organisations experienced a breach in the last year that they can partially attribute to a lack of cyber skills. 

This figure has risen from 84% in 2023 and 80% the year before, indicating a worsening situation. 

Furthermore, 70% of organisations reported that the cybersecurity skills shortage creates additional risks for their operations.

This declining skilled staff number, but growing attack surface of many organisations as they expand their digital infrastructure, can create a perfect storm.

Over 50% of respondents indicated that breaches cost their organisations more than US$1m in lost revenue, fines, and other expenses last year – a significant increase from previous years. The consequences of these skills shortages are severe. 

This growth in loss can be reflected in both regulatory attitudes shifting to harsher punishments for breaches, and the use of AI aiding attackers to craft better malware or social engineering techniques.

Moreover, 51% of respondents noted that directors or executives have faced serious repercussions, including fines, jail time, or loss of position, following cyberattacks.

Industry efforts

Although this issue of staff shortages is a perennial issue in the cyber sector, industry is making efforts to remedy this. 

With even jail being a potential punishment for breaches, it is probably no wonder the report revealed that 72% of respondents said their boards were more focused on security in 2023 than the previous year, with 97% viewing cybersecurity as a business priority.

Yet, even if they are more focused, a Trend Micro report showed there may still be a threshold for getting their attention.

But Fortinet’s survey shows there remains an obsession with certificates. Over 90% of respondents said they prefer to hire candidates with certifications. However, finding certified candidates remains difficult, with more than 70% of respondents indicating challenges in this area.

Diversity in hiring is also a focus for many organisations, with 83% of respondents saying their organisations have set diversity hiring goals for the next few years. 

This push could help with what Deloitte found was a perception gap stopping women joining the cyber sector, although the report noted fluctuations in hiring from diverse talent pools, with female hires down to 85% from 89% in 2022.

As cyber threats continue to evolve, particularly with the advent of AI-powered attacks, closing the skills gap is not just a matter of competitive advantage, but of organisational survival. 

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand