European CISOs at risk of burnout as skills shortage intensifies

At the beginning of my career I was very fortunate to work for an employer (BT) that had a ‘grow your own’ mentality for systems engineers and other skilled technical staff. Those staff then either stayed and progressed (I lasted 10 years) or took their skills and worked elsewhere. Larger employers need to adopt a similar ‘grow your own’ approach. We’ve seen the rise of apprenticeships for the big accounting houses, why not for cyber security?…:

Some of Europe’s most senior security professionals are at risk of burnout as the cyber skills shortage intensifies amid a wave of threats.

According to a survey of more than 3,000 cyber security “decision-makers” in the UK, France and Germany, nearly two thirds of those working in the industry (63 per cent) have considered leaving it.

Half of those surveyed (48 per cent) said attackers have “unprecedented resources and support from ‘bad actors’” including cyber crime gangs and state-sponsored actors. Some 46 per cent said their teams were “too busy to keep up with the necessary skills development” while 44 per cent said they lacked the skills required to combat the threat.

The research, which was conducted by Goldsmiths University on behalf of the security giant Symantec, also revealed that the vast majority of professionals (78 per cent) have underestimated what the level of resource required to deal with threats and the same number again have been forced to rush threat assessments.

“We’re not going to be able to recruit our way out of the talent gap. A more systemic change has to take place,” said Darren Thomson, a Symantec executive. “The cyber security landscape has changed dramatically since today’s CISOs entered the industry. With thousands of threat events happening every second and the complexity of the IT estate growing exponentially, simply keeping pace is a challenge.

[…]

Original article here