Posted in News

Insider Threat Level: 2019 to Be the Year of Cybersecurity Hiring

Reading Time: 3 minutes


The Insider Threat Level is here to keep you up-to-speed on the latest examples of security best practices, incidents, and trends, so that you’re better prepared for anything coming your way.

This week, our feature story addresses the cybersecurity hiring statistics unveiled by the 2019 State of IT Careers report. It is a summary and response to ZDNet’s coverage: Cybersecurity, AI Skills to Dominate IT Staff Hires in 2019.

The Scoop

Spiceworks, the host of an online community for IT pros, recently released the 2019 State of IT Careers Report generated from the insights of roughly 1,000 IT professionals.

In the report, it was stated that one out of every three organizations (roughly 33%) across the U.S. and Europe plan to hire additional employees in the coming year. More specifically, 47% of those surveyed indicated that “IT Security / Cybersecurity” is anticipated to be the biggest area of attention, particularly for large, enterprise organizations.

This is particularly interesting, given that the conversation in the cybersecurity space has been revolving around the lack of qualified candidates for much needed positions. Are the findings of this report an indicator of change?

The report also found that roughly 26% of those surveyed are planning to look for a new role, with 8% intending to leave the field altogether. Broken down by age bracket, 33% of millennial IT professionals (i.e. those born between 1977 – 1992) seek new employment, with 62% (millennial and non-millennial alike) doing so based on salary considerations.

Hot Take

A potential 47% increase in cybersecurity hiring is a BIG deal. But where are these positions coming from, and what do they entail? Better yet, how are they being budgeted for, given that there is a projected shortage of qualified workers?

There are a lot of unanswered questions, but we are seeing some of them being addressed, albeit slowly. Some in the education sector are upping the ante when it comes to attracting and educating potential talent, with others calling for collaboration between institutions, industry, and government.

But at the end of the day it comes down to buy-in. Are organizations aware of the risks and cost of neglecting the implementation of cybersecurity programs? Or is it “hush, hush” until an incident occurs?

In terms of the insider threat problem in cybersecurity, we already know what the cost of avoiding the problem is…

Speaking of Cybersecurity Hiring…

ObserveIT is currently hiring! Be sure to check out our open roles, as well as the details for our recent Boston Globe Top Places to Work, and Boston Business Journal Best Places to Work wins!

What Else is Happening

Nordstroms Experiences Insider Threat-caused Data Breach

Source: SC Magazine

U.S. luxury department store giant Nordstroms has begun notifying its employees about a recent insider threat-based data breach that may have compromised their personal data. The incident is still under investigation, but PII data including: Social Security numbers, dates of birth, checking and routing numbers, salaries, and other details may have been inadvertently sent out via email.

(FEATURED) Working Remotely During Holiday Travel May Increase Cybersecurity Risk

Source: ObserveIT

55.3% out of 1,000 U.S.-based employees surveyed anticipated the need to bring a work device with them for holiday season travel, with a whopping 77% claiming that they regularly use free or unlocked WiFi on company devices. See the full results of the survey, and key learnings, through the link above.

Q3 Rise in Phishing Attempts Reaches 137 Million

Source: InfoSecurity Magazine

According to a new report, there has been a 28% increase in phishing attempts in Q3 of 2018 from Q2, with global internet portals and banks being the most frequently abused businesses.

Scotland and Northern Ireland Sees New Cybersecurity Skills Initiative

Source: ITPro

As mentioned earlier in this ITL report, there is a much talked about shortage of skilled cybersecurity workers. Thankfully there are some who are leading the charge to increase the potential candidate pool with appropriate training, like the Cyber Discovery scheme launched by the U.K. government. Initial cybersecurity training tests were performed in England but have now expanded to Scotland and Northern Ireland after prior success.

What You Might Have Missed

It’s easy to get caught up in the daily grind – we get it!

Here is what happened in the last Insider Threat Level: we discussed why the NITTF Insider Threat Framework is such a big deal, the implications of a U.S. indictment of potential state-sponsored threats, an incident in Nigeria, and the often high brand costs associated with a data breach.