News Feed Item

With Investors Watching, Companies Remain Behind in Building their Cyber Workforce

It’s no longer just chief information security officers that are feeling the heat of cyber threats. Boards and investors are also adding fuel to the fire. In a new survey of 250 senior IT decision makers, Booz Allen finds that nearly 3 in 4 respondents (74 percent) agree that investors are holding senior business leaders accountable for cyber incidents.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20180417006130/en/

This new data reinforces an urgent and expensive challenge: many organizations do not have the cybersecurity staff in place to fully protect themselves from evolving threats and the associated fallout from serious cyber-attacks affecting IP, sensitive customer data and business disruption. And, this trend may not end soon – 57 percent believe hiring top cyber talent will only become more difficult over the next five years.

This lack of talent is causing these organizations to make short-term staffing fixes to protect their business, often making the problem worse. Amid a recent barrage of cyber-attacks, most (83 percent) respondents have open cybersecurity positions to fill at their company, with 72 percent saying it is particularly challenging to identify and hire new, high-quality cyber defenders – like advanced threat hunters and malware reverse engineers.

“These findings are rooted in what Booz Allen has understood for quite some time – products alone won’t make organizations secure, tools are only effective when a skilled workforce is in place to use them,” said Booz Allen’s U.S. Commercial Lead, Bill Phelps. “The cyber talent gap has become an existential threat. Organizations will only find success through sustained investments in people like robust training and finding more effective ways to leverage scarce talent.”

Based on hundreds of engagements with government and commercial clients grappling with these challenges, Booz Allen offers five best practices to effectively and sustainably address the cyber talent gap:

  1. Take a multi-dimensional approach: Develop both cyber natives and novices, and establish well-defined career paths that allow vertical and horizontal movement so employees can learn in new contexts.
  2. Move the organization—and talent—out of reactive mode: Use automation tools to address routine cyber tasks so talent can prioritize more challenging cyber problems like advanced threat hunting.
  3. Reframe training approaches: Offering competitive compensation and benefits are table stakes. All employees must have time for diverse and experiential training like capture the flag games, purple teaming and other “live fire” type exercises.
  4. Look beyond certifications: Ensure recruiters are looking for soft skills to augment the traditional abilities of cyber defenders. Organizations should validate expertise through skills-based assessments.
  5. Use sourcing and industry partnerships strategically: Traditionally in IT, sourcing was used to reduce costs by contracting third parties to perform commoditized tasks. Security companies must use sourcing and partnerships to secure access to scarce premium skills. Outsourcing should be more about securing advanced capabilities than about reducing costs.

Other key survey findings include:

  • In the short term, organizations are managing the talent gap by turning to tools and software (56 percent); training non-cyber employees (52 percent); and asking employees to work longer hours (45 percent).
  • These short-term solutions can leave organizations exposed. Respondents worry that being short staffed will increase vulnerability to cybercrime and theft (40 percent); create high levels of stress among current staff (34 percent); and lead to high turnover due to burnout (29 percent).
  • To stay competitive in the talent race, organizations are prioritizing incentives like more competitive compensation and benefits (54 percent) and investing in the latest cyber technologies (51 percent) over paying for additional education, training, and other forms of professional development. This approach does not address the talent shortage over the long haul.

Booz Allen and KRC Research conducted this national survey of 250 senior IT decision-makers from March 23 to April 4, 2018. For more information, visit BoozAllen.com/media-center.


About Booz Allen Hamilton

Booz Allen Hamilton (NYSE: BAH) has been at the forefront of strategy and technology for more than one hundred years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering, and innovation expertise.

With international headquarters in McLean, Virginia, the firm employs approximately 24,225 people globally, and had revenue of $5.80 billion for the 12 months ended March 31, 2017. To learn more, visit www.boozallen.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. Commvault can ensure protection, access and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his general session at 18th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Part...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, marketer, and communicator. For over 30 years across five continents, he has built success with Fortune 500 corporations, vendors, governments, and as a leading research analyst and consultant.
"Cloud computing is certainly changing how people consume storage, how they use it, and what they use it for. It's also making people rethink how they architect their environment," stated Brad Winett, Senior Technologist for DDN Storage, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
In his session at 20th Cloud Expo, Brad Winett, Senior Technologist for DDN Storage, will present several current, end-user environments that are using object storage at scale for cloud deployments including private cloud and cloud providers. Details on the top considerations of features and functions for selecting object storage will be included. Brad will also touch on recent developments in tiering technologies that deliver single solution and an end-user view of data across files and objects...
No hype cycles or predictions of zillions of things here. IoT is big. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, Associate Partner at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He discussed the evaluation of communication standards and IoT messaging protocols, data analytics considerations, edge-to-cloud tec...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
In his session at @ThingsExpo, Dr. Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, presented the findings of a series of six detailed case studies of how large corporations are implementing IoT. The session explored how IoT has improved their economic performance, had major impacts on business models and resulted in impressive ROIs. The companies covered span manufacturing and services firms. He also explored servicification, how manufacturing firms shift from se...
For far too long technology teams have lived in siloes. Not only physical siloes, but cultural siloes pushed by competing objectives. This includes informational siloes where business users require one set of data and tech teams require different data. DevOps intends to bridge these gaps to make tech driven operations more aligned and efficient.
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
It is ironic, but perhaps not unexpected, that many organizations who want the benefits of using an Agile approach to deliver software use a waterfall approach to adopting Agile practices: they form plans, they set milestones, and they measure progress by how many teams they have engaged. Old habits die hard, but like most waterfall software projects, most waterfall-style Agile adoption efforts fail to produce the results desired. The problem is that to get the results they want, they have to ch...
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
The best way to leverage your CloudEXPO | DXWorldEXPO presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering CloudEXPO | DXWorldEXPO will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at CloudEXPO. Product announcements during our show provide your company with the most reach through our targeted audienc...