Cyber security professionals in the UK say they are more worried about quotidian issues than the threat of dealing with a major cyber incident while running their businesses, according to the latest Career status report Produced by Chartered Institute for Information Security (CIISec).
The seventh annual edition of CIISec’s report, which has just been released, reports that 32% of security professionals are kept vigilant. workload25% are concerned about their lack of career advancement opportunities, but only 22% are most concerned that they might be the victim of a cyber attack.
Amanda Finch, CEO of CIISec, says it is clear that there is a need to reduce stress among security professionals and allow them to focus on projects that will prove their value and increase the opportunities available to them.
One way to do this would be to implement established best practices and safety guidelines – the study found that 49% of responding employers did not follow recommendations. Cyber Essentials practice, and only 20% have been formally adopted by the National Cyber Security Center’s (NCSC’s). 10 Steps to Cyber Security guidelines
“Failure to adopt industry standards puts security teams on the back foot when it comes to protecting organizations against cyberattacks, and only adds to their day-to-day stress,” Finch said.
“By not investing the time and effort to make the lives of cybersecurity professionals easier, organizations are setting themselves up for failure. People need to be supported in their roles—with the right processes, the skills to do their jobs effectively, and a clear path to advancement. Without this, the industry will soon burn out.” Talent will see who can’t defend against evolving threats.”
The report also found that the UK cyber security market is in rude health, with 75% of respondents saying the market is growing and 15% saying the pandemic has improved job prospects for many respondents.
However, challenges and obstacles remain. A large number of respondents, 70%, said that people were their biggest challenge to effective security, compared to technology (17%) and processes (13%), highlighting the continued need to encourage cultural change as much as technological innovation.
On a more personal note, most respondents said they saw barriers to career advancement, including lack of confidence. Lack of support or advice from their employersOne assumption is their lack of skills needed for advancement, feelings of being unwanted or unaccepted in their workplace, and lack of training opportunities.
Security experts overwhelmingly say that better pay, opportunities for advancement, more job variety and more autonomy in it, and better training, will all help attract and retain talent.
Elsewhere, CIISec also reported that the cyber profession still has a long way to go in terms of diversity and inclusion. The majority of respondents to its study are men – 83% compared to 12% women – and true equal opportunity in cyber still seems a long way off.
Among other findings on the subject, CIISec reported that 36% of organizations had not implemented any kind of plan to address gender imbalance in their security teams, while 5% had tried, found it difficult and gave up.
More to the point, CIISec found an alarming reluctance among cyber professionals to address the surrounding issues Harassment or harassment in the sector. More than a fifth of respondents did not say they would feel comfortable raising concerns about this.
“Without diversity and inclusion, the industry will stagnate and be unable to keep up with complex cyber threats,” Finch said.
“By understanding and highlighting the different roles within cybersecurity, the industry can begin to attract different types of people. From forensics to threat intelligence researchers, there are opportunities for everyone.
“At the same time, art must not only attract people from diverse backgrounds, but also create a culture that is inclusive. Cybersecurity can no longer be seen as a boys’ club where technical skills are valued above all else. We need to move away from that and create a culture where everyone can thrive, feel valued and accepted.”