Research Shows Many New Cybersecurity Professionals are Doomed to Make Blunders

Research Shows Many New Cybersecurity Professionals are Doomed to Make Blunders

Unfortunately, cyberattacks will only continue in the weeks, months, and years to come, making it increasingly essential that businesses have access to cybersecurity expertise. Even more unfortunately, professionals with this level of expertise are becoming harder to find. Globally, we’re short almost four million people, and those we have are prone to make mistakes in their first few years. This comes from a report by Kaspersky, entitled “The Portrait of Modern Information Security Professional,” Let’s review what the cybersecurity developer found and what we can take away from these findings.

We’ll be focused on part one of this report, “Cybersecurity Education Lags as Professionals Struggle On,” which is split into two chapters:

  1. “Educational background of current cybersecurity experts”
  2. “Initial professional struggles”

We’ll summarize each.

How Well-Prepared Is the Average Cybersecurity Professional?

The first chapter of Kaspersky’s report outlines this precise question, and as you would expect based on the section’s title, the answer is a resounding “not well.”

Kaspersky’s research revealed that just over half of information security professionals had no postgraduate degree, and it didn’t stop there.

Half of these professionals claimed that the theoretical training they received in college didn’t help them in their current positions, and even fewer had hands-on experience during their education. It also doesn’t help that many universities and colleges actively struggle to keep their curriculums up to date due to how quickly the industry changes and because there simply aren’t enough instructors with the requisite up-to-date knowledge.

Once These Professionals Enter the Working World, Things Remain Challenging

Kaspersky’s respondents also revealed a few obstacles that new entrants into the profession commonly face… many of which suggest some ties to the aforementioned ill-preparedness many of these new professionals present.

One interesting tendency this research found was that—despite the cybersecurity personnel shortage we referenced, very few interviewees were hired after their first interview. Far more were denied once, twice, or three times in their job search. It was even more common for a candidate to be interviewed four times unsuccessfully than to land their first interview.

Once they were hired, almost half—46%—shared that over a year passed before they felt confident in their role, most taking between one to two.

We also have to acknowledge the human element to all this, and the fact that everyone—even freshly trained security professionals—can make mistakes. Kaspersky’s research showed that a majority of their respondents admitted to making mistakes during their first years on the job.

The most common of these mistakes?

Failure to upstate software at 43% of responses, using weak or guessable passwords at 42% of responses, and negligence in taking timely backup at 40% of responses.

Mistakes Like These are Not to Be Underestimated

However, it is also important not to miss the forest for the trees. Cybersecurity must be prioritized in each and every business. If a business has the resources to commit to a devoted cybersecurity professional on staff, there are much worse investments to make.

However, we understand that many of the small and even medium-sized businesses of New Hampshire can’t justify that kind of investment. We provide a great alternative through our managed IT services, part of which involves helping ensure your business is secure. Don’t get us wrong… everyone makes mistakes. What helps us is the fact that we have an entire team here to help catch them, equipped with the tools to do so.

Whether or not you have team members devoted to securing your business, a little more assistance never hurts. Find out more about how we can help by calling (603) 889-0800.

Related Posts

Tip of the Week: Three Practices to Reduce Consternation About Your Technology

Technology plays a massive role for most organizations nowadays, and not everyone always grasps the importance of it. Most of the time, there is so much built into today’s enterprise software that it can often be overwhelming for workers to use it effectively. Today, we will give you three tips on how to help employees get a grasp of the technology their productivity depends on. Help Them Under...

A Man-in-the-Middle Attack is Not to Be Underestimated

Have you ever heard of the “man-in-the-middle” attack or MitM? It’s a situation where your data is stolen by an onlooker who situates themselves in the right place at the right time. Data interception is a very real thing that your business should be prepared to fight against. Let’s discuss some strategies you can use to counter these sneaky attacks. How a Man-in-the-Middle Attack Works For a ...

Protecting Your Identity and Privacy on Social Media in 2024

Social media is constantly evolving, and if the big social networks had it their way, it would be the only place people go when they log onto the Internet. Whether you have strong feelings for or against social media, or perhaps you are indifferent, it’s important to understand how to protect yourself when using social media. What are the Risks of Using Social Media? For many, social media has...

Tips to Improve Your Organizational Phishing Deterrence

Phishing is one of the most prevalent issues individuals and businesses must confront when operating online. This is because there are literally billions of these scam attempts sent each day. That’s right, billions. With over a hundred billion scam attempts sent every year, your business is already getting phished, it’s just a matter of time before someone falls for it. Cybersecurity has change...