{"id":50379,"date":"2024-02-02T16:05:38","date_gmt":"2024-02-02T21:05:38","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?page_id=50379"},"modified":"2024-05-14T09:55:28","modified_gmt":"2024-05-14T13:55:28","slug":"portrait-of-infosec-professional-report-2024","status":"publish","type":"page","link":"https:\/\/www.kaspersky.com\/blog\/portrait-of-infosec-professional-report-2024\/","title":{"rendered":"The portrait of modern information security professional"},"content":{"rendered":"<style>.c-page h1,.c-page h2,.c-page h3,.c-page h4,.c-page h5{ text-wrap: balance; } .c-wysiwyg blockquote{background: rgb(0 153 129 \/ 10%);}.c-wysiwyg blockquote p{font-style:normal} .img-big { width: 100vw!important; max-width: 1024px!important; left: 57%!important; position: relative; transform: translateX(-50%); }.accent{color: #00a88e; margin: 0;font-size:1.5rem;font-weight: 900;}.c-wysiwyg .accented-list li:before {top:1.15rem}.c-wysiwyg .accented-list li{margin-bottom:1.25rem}.c-wysiwyg hr+*{margin-top:2.5rem}.c-wysiwyg hr{border-bottom: 2px solid #00a88e; width: 120px;margin: 1rem 0 -1.25rem 0;}blockquote h5 { color: #00a88e; font-style: initial; } span.accented-quote { display: block; font-size: 60px; font-family: sans-serif; line-height: 20px; margin-top: 30px; margin-left: -3px; }@media(min-width: 40.6875rem){.accent{font-size:2rem}.c-wysiwyg .accented-list li:before {top:1.75rem}.c-wysiwyg hr{border-bottom: 2px solid #00a88e; width: 160px;}}span.footnotes { position: relative; display: inline-block; border-bottom: 1.5px dashed #333; line-height: 1em;transition: 0.5s; background: transparent; cursor: pointer; } span.note { position: absolute;line-height: 1.6em; width: 300px; opacity: 0; visibility: hidden; left: 0; top: 15px; transform: translateX(-50%); transition: 0.3s; background: white; padding: 15px 20px; box-shadow: 0px 3px 7px #ababab; border-radius: 3px; cursor: initial; } span.footnotes:hover { background: #ffffd5; } span.footnotes:hover .note { z-index:999;opacity: 1; visibility: visible; }@media(max-width:480px){span.note {position: fixed;left: 5px; top: 50vh;transform: translatey(-50%); width: 100vw;}}.c-wysiwyg .illustration-list { margin-left: 0; display: grid; grid-column-gap: 5vw; grid-template-areas: \"a a\" \"b c\" \"d e\"; } @media (max-width: 640px) { .illustration-list { grid-template-areas:\"a\" \"b\" \"c\" \"d\" \"e\" }  } .c-wysiwyg .illustration-list li { margin-bottom: 2em; } .illustration-list li:before { display: none; } .illustration-list span.accent { font-size: 1em; } .illustration-list img { width: 128px; }.desktop-banner {display:block!important} .mobile-banner{display:none!important} @media(max-width:768px){.desktop-banner {display: none!important} .mobile-banner{display: block!important}}a.c-slider__arrow.c-slider__arrow--prev.slick-arrow,.c-gallery-slider .c-slider__arrow.c-slider__arrow--next, .c-gallery-slider .c-slider__arrow.c-slider__arrow--right {background:none} .c-gallery-slider .c-slider__arrow.c-slider__arrow--next:before, .c-gallery-slider .c-slider__arrow.c-slider__arrow--right:before,.c-gallery-slider .c-slider__arrow.c-slider__arrow--left:before, .c-gallery-slider .c-slider__arrow.c-slider__arrow--prev:before { filter: invert(1); transform: scale(1.25); }.slick-slider .slick-list{max-height:410px!important}.c-article__content blockquote li, .c-article__content blockquote p { font-size: 1rem; }h5 { color: #737373; }<\/style>\n<p><img decoding=\"async\" class=\"img-big aligncenter size-full wp-image-50381\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2024\/02\/02144852\/Portraits-of-Infosec-professionals.jpg\" alt=\"\" width=\"1024\" height=\"683\"><\/p>\n<h2>Introduction<\/h2>\n<hr>\n<p>Cyberattack disruptions to banks, industry and critical infrastructure are said to cost the global digital economy in excess of <a href=\"https:\/\/cybersecurityventures.com\/hackerpocalypse-cybercrime-report-2016\/\" target=\"_blank\" rel=\"nofollow noopener\">$10.5 trillion<\/a> a year. While cybercrime is rising globally, businesses are facing a huge cybersecurity talent shortage, with many positions requiring cybersecurity skills remaining unfilled. According to the World Economic Forum and ISC2 \u2013 the world\u2019s leading member organization for cybersecurity professionals \u2013\u00a0right now, we need <a href=\"https:\/\/media.isc2.org\/-\/media\/Project\/ISC2\/Main\/Media\/documents\/research\/ISC2_Cybersecurity_Workforce_Study_2023.pdf?rev=28b46de71ce24e6ab7705f6e3da8637e\" target=\"_blank\" rel=\"nofollow noopener\">4 million cybersecurity experts to support today\u2019s global economy<\/a>.<\/p>\n<p>The human factor is a key element in the global cybersecurity ecosystem. No matter how reliable cybersecurity solutions are, human imperfections will always remain a huge vulnerability in an organization\u2019s threat protection. And those in charge of safety in cyberspace can also make mistakes such as ignoring alerts, misinterpreting data, or errors leading to data leakages or breaches in the company. They also need to keep up-to-date with the latest dangers and threat fighting techniques. According to a recent Kaspersky <a href=\"https:\/\/www.kaspersky.com\/blog\/the-human-factor-in-it-security\/\" target=\"_blank\" rel=\"noopener nofollow\">study<\/a>, companies had suffered at least one cyber incident in the last two years due to a lack of qualified cybersecurity staff. To counter this shortage, they wanted to hire more qualified information security (InfoSec) specialists, acquire software to manage cybersecurity and four in ten were even willing to outsource the job. But, with the world shortage of InfoSec professionals, this is easier said than done. In the first half of 2023, despite a growth of 9 percent, the global cybersecurity workforce <a href=\"https:\/\/media.isc2.org\/-\/media\/Project\/ISC2\/Main\/Media\/documents\/research\/ISC2_Cybersecurity_Workforce_Study_2023.pdf?rev=28b46de71ce24e6ab7705f6e3da8637e\" target=\"_blank\" rel=\"nofollow noopener\">gap<\/a> still has a shortfall of nearly 4 million experts. What is the reason for this dilemma?<\/p>\n<p>Perhaps this problem is a result of the peculiarities of the education industry or the consequence of the fast-evolving threat landscape: when keeping pace with the latest industry developments, companies worldwide are forced to face the need to evaluate and enhance their InfoSec employees\u2019 skills to tackle the rapidly growing cyber threats. The skills shortage, the lack of InfoSec professionals, and the increased number of cyberthreats create a vicious circle. This problem has existed for many years: however, many cyber professionals state the skills gap has not narrowed. In fact, it has gotten even worse.<\/p>\n<p>Kaspersky\u2019s global report \u201cThe portrait of modern information security professional\u201d seeks to analyse the exact reasons behind this gap in the cybersecurity workforce and looks both into the aspect of education and the current state of the labor market. The research reveals how cybersecurity education programs are struggling to keep pace with the latest industry developments and how they affect cybersecurity professionals\u2019 career paths. It also identifies the most understaffed roles, the skills and characteristics bosses look out for in the hiring process and how they evaluate potential candidates\u2019 effectiveness and their education.<\/p>\n<h2>Methodology<\/h2>\n<hr>\n<p>For the report, Kaspersky commissioned Grand View Research to undertake a survey, questioning CIOs, heads of SOC, leading specialists, team heads, and InfoSec experts with various degrees of experience: less than one quarter (22%) have held their job for two to five years, more than one third (37%) have worked in their position for more than ten years, but the majority (41%) have five to ten years\u2019 experience. All the respondents worked across a variety of industries including IT, Consumer Goods and Retail, CME (chemicals, metals and energy), and Government Agencies.<\/p>\n<p>The research was conducted with 1,012 InfoSec professionals in <span class=\"footnotes\">29 countries<span class=\"note\">USA, DACH (Germany, Austria, Switzerland), UK, France, Italy, Spain, Benelux (Belgium, Netherlands and Luxembourg), Brazil, Mexico, Argentina, Colombia and Chile, Saudi Arabia, UAE, Turkey, South Africa, Nigeria, Egypt, India, Japan, China, Malaysia, Singapore, Indonesia, Russia.<\/span><\/span>, from Asia-Pacific, Europe, the META region, plus North and Latin America.<\/p>\n<p>The report is made up of four\u00a0chapters, namely:<\/p>\n<p><strong>Part 1. Cybersecurity Education Lags as Professionals Struggle On<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/portrait-of-modern-infosec-professional-research-2024-education\" rel=\"noopener nofollow\" target=\"_blank\">Chapter 1 \u201c<strong>Educational background of current cybersecurity experts<\/strong>\u201c<\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/portrait-of-modern-infosec-professional-research-2024-struggles\/\" target=\"_blank\" rel=\"noopener nofollow\">Chapter 2 \u201c<strong>Initial professional struggles<\/strong>\u201c<\/a><\/li>\n<\/ul>\n<p><strong>Part 2. The way business and InfoSec professionals interact<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/portrait-of-modern-infosec-professional-research-2024-labor-market\/\" target=\"_blank\" rel=\"noopener nofollow\">Chapter 3 \u201c<strong>State of InfoSec labor market<\/strong>\u201c<\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/portrait-of-modern-infosec-professional-research-2024-evaluation\/\" target=\"_blank\" rel=\"noopener nofollow\">Chapter 4 \u201c<strong>Evaluation process and ways to acquire more expertise<\/strong>\u201c<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Analyzing the reasons of cybersecurity skills shortage <\/p>\n","protected":false},"author":2706,"featured_media":50381,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"class_list":["post-50379","page","type-page","status-publish","has-post-thumbnail"],"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/portrait-of-infosec-professional-report-2024\/"}],"acf":[],"banners":"","is_landing":true,"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages\/50379","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=50379"}],"version-history":[{"count":15,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages\/50379\/revisions"}],"predecessor-version":[{"id":50811,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/pages\/50379\/revisions\/50811"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/50381"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=50379"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=50379"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}