Cyber attacks are taking the sleep away from many managers around the world, as they can lead to immense financial losses to organizations.
In this cybersecurity scenario, investing in information security is no longer a competitive market differential and has become a necessity for companies that need to prevent data theft and keep their information confidential.
According to a Veritas study, on average, companies need to spend $12 million and hire 27 IT staff to ensure business security.
This is an average, so it varies according to the size of the company. But while organizations need to hire to ensure cybersecurity, finding an IT professional from the market has never been more difficult than it is now.
Shortage of professionals in the area
ISACA's State of Cybersecurity 2022 survey of security professionals from around the world proves this shortage. According to the study, 63% of respondents have open cybersecurity positions, while 62% say their teams are understaffed. The average time it takes companies to find suitable professionals for the vacancies is around 6 months.
Besides the difficulty in finding professionals, companies still face problems in keeping employees. The main reason for leaving would be to move to other companies in the industry, followed by insufficient salary or bonus, lack of growth opportunity, and stress.
Also according to the study, the main gaps that appear in the training of these professionals are related to soft skills, social skills, cloud computing, and security controls.
Within this context, according to a Forrester study, which surveyed 416 security executives and 425 business executives in ten countries, 66% of business leaders have little confidence in the ability of their security teams. This is very sensitive data, considering that the internal team, along with the technologies used, is the companies' main barrier against threats.
Law of supply and demand
An article in the MIT Technology Review sheds light on this theme, drawing attention to an old issue: the law of supply and demand. The text cites a report by the Brazilian Association of Information Technology and Communication Companies, which projects that the deficit of professionals in this area may reach 260,000 by 2024. There are many more vacancies than available professionals, which explains the main reason for the difficulty in retention: professionals change companies frequently.
Because there is so much on offer, salaries have increased considerably in this area, and can range from more than $6,000 to $14,000, according to MIT. So offers from other companies are always very attractive.
To a large extent, this high demand, which has increased by 600% in São Paulo, is explained by the digitalization of companies. This was already a natural process, but it was accelerated by the pandemic, as companies and professionals found themselves in a completely new reality with home office and/or hybrid work.
Cultural Change
But it is not only the shortage of professionals that explains this difficulty in filling vacancies in companies. Many organizations are having trouble with the cultural issue, because most of the IT workforce is made up of young people who want freedom to work and who are very dynamic, moving from place to place with every better opportunity.
As a result, large companies have not yet managed to adapt to this scenario and continue to adopt rigid practices and practice salaries that do not attract this public. In addition, another point that needs to be mentioned is the adoption of technology. Many companies have not yet understood the important role of technology for cybersecurity.
Adopting robust and modern technological solutions is one of the keys to guaranteeing more security, because, besides the technical part, it solves more bureaucratic issues, freeing these professionals for more important and strategic tasks within the organizations.
And in your company, how is this situation? Has talent retention been a challenging topic? Despite this scenario, we at ISH have many open positions throughout Brazil, home office, hybrid, etc.
encha be part of the team of the largest cybersecurity company in Brazil. Check it out on LinkedIn and Gupy.