Research Shows Many New Cybersecurity Professionals are Doomed to Make Blunders

Research Shows Many New Cybersecurity Professionals are Doomed to Make Blunders

Unfortunately, cyberattacks will only continue in the weeks, months, and years to come, making it increasingly essential that businesses have access to cybersecurity expertise. Even more unfortunately, professionals with this level of expertise are becoming harder to find. Globally, we’re short almost four million people, and those we have are prone to make mistakes in their first few years. This comes from a report by Kaspersky, entitled “The Portrait of Modern Information Security Professional,” Let’s review what the cybersecurity developer found and what we can take away from these findings.

We’ll be focused on part one of this report, “Cybersecurity Education Lags as Professionals Struggle On,” which is split into two chapters:

  1. “Educational background of current cybersecurity experts”
  2. “Initial professional struggles”

We’ll summarize each.

How Well-Prepared Is the Average Cybersecurity Professional?

The first chapter of Kaspersky’s report outlines this precise question, and as you would expect based on the section’s title, the answer is a resounding “not well.”

Kaspersky’s research revealed that just over half of information security professionals had no postgraduate degree, and it didn’t stop there.

Half of these professionals claimed that the theoretical training they received in college didn’t help them in their current positions, and even fewer had hands-on experience during their education. It also doesn’t help that many universities and colleges actively struggle to keep their curriculums up to date due to how quickly the industry changes and because there simply aren’t enough instructors with the requisite up-to-date knowledge.

Once These Professionals Enter the Working World, Things Remain Challenging

Kaspersky’s respondents also revealed a few obstacles that new entrants into the profession commonly face… many of which suggest some ties to the aforementioned ill-preparedness many of these new professionals present.

One interesting tendency this research found was that—despite the cybersecurity personnel shortage we referenced, very few interviewees were hired after their first interview. Far more were denied once, twice, or three times in their job search. It was even more common for a candidate to be interviewed four times unsuccessfully than to land their first interview.

Once they were hired, almost half—46%—shared that over a year passed before they felt confident in their role, most taking between one to two.

We also have to acknowledge the human element to all this, and the fact that everyone—even freshly trained security professionals—can make mistakes. Kaspersky’s research showed that a majority of their respondents admitted to making mistakes during their first years on the job.

The most common of these mistakes?

Failure to upstate software at 43% of responses, using weak or guessable passwords at 42% of responses, and negligence in taking timely backup at 40% of responses.

Mistakes Like These are Not to Be Underestimated

However, it is also important not to miss the forest for the trees. Cybersecurity must be prioritized in each and every business. If a business has the resources to commit to a devoted cybersecurity professional on staff, there are much worse investments to make.

However, we understand that many of the small and even medium-sized businesses of New Hampshire can’t justify that kind of investment. We provide a great alternative through our managed IT services, part of which involves helping ensure your business is secure. Don’t get us wrong… everyone makes mistakes. What helps us is the fact that we have an entire team here to help catch them, equipped with the tools to do so.

Whether or not you have team members devoted to securing your business, a little more assistance never hurts. Find out more about how we can help by calling (603) 889-0800.

Related Posts

It Pays to Invest in Security Awareness Training… Here’s What to Include

Security awareness training is a critical process for modern businesses to undergo to have any chance of success. Unfortunately, as much as security software or policy can help, it can only do so much. You also need your team members to be on board, knowledgeable about what they need to do, and motivated to do it.  In light of this, let’s talk about security awareness training and what it ne...

Security Training is Increasingly Important

Your company’s ability to keep its digital information safe depends largely on how well its technology performs. This is why it’s crucial to teach your employees how to protect your company’s data. To start, it’s important to understand your organization’s security posture. This refers to how actively you or your team work to protect your online presence. With the growing use of cloud applications...

A Man-in-the-Middle Attack is Not to Be Underestimated

Have you ever heard of the “man-in-the-middle” attack or MitM? It’s a situation where your data is stolen by an onlooker who situates themselves in the right place at the right time. Data interception is a very real thing that your business should be prepared to fight against. Let’s discuss some strategies you can use to counter these sneaky attacks. How a Man-in-the-Middle Attack Works For a ...

Did You Trade Your Data for a DVD Rental?

In June of this year, publisher Chicken Soup for the Soul Entertainment, best known for its book series of the same name, filed for Chapter 7 and Chapter 11 bankruptcy and had many of its assets liquidated. One of these assets was the movie rental service Redbox and its eponymous scarlet rental kiosks, rendering the service defunct. However, many kiosks remain standing outside businesses even now...