Two months ago, two California state offices released the findings of a study conducted by the California Community Colleges Centers of Excellence for Labor Market Research. This study aimed to take a look at the growing gap between the supply of cybersecurity professionals and an ever-growing demand for these roles.

In a nutshell, organizations in California recognize the need for cybersecurity professionals, but simply aren’t finding the right mix of candidate work experience and skill sets in the available labor pool.

While state institutions do have related programs, most at the two-year level, they simply aren’t producing enough qualified professionals. The result? About 60% of hiring organizations are facing challenges in landing qualified workers to fill an incredibly important set of technology-based roles:
  • Technical Support Specialists
  • Network Operations Specialists
  • System Administrators
  • Software Developers
  • Systems Security Analysts
  • Cyber Defense Analysts
  • Cyber Defense Infrastructure Support Specialist
  • Vulnerability Assessment Analyst
  • Cyber Defense Forensics Analyst
For more detail, you can read more about this study here.

What Does this Mean to My Organization?
The concepts within this report speak to the wider business community outside of California, of course. It isn't just Californian companies that will lean on these resources more and more as time goes by.

It’s no secret that supply chains are moving further and further towards globalization at a fast pace. This shift isn’t reserved for only the largest organizations anymore – small- and mid-sized organizations are starting to think more globally than they have in years prior. How has this been made possible? By technological advances in communications systems and data management.

Unfortunately, with many things tech-related, the regulatory landscape and internal organization SOP lags behind development. The result? A greater reliance on technology leads to a greater exposure to cybersecurity threats – the last thing you want to expose your supply chain to.

Examples abound, including a recent attack against British Airways (a type of supply chain attack that targets third party payment mechanisms to give hackers a way in). Don’t think that these attacks only impact the big guys, either. You don’t need to be the size of British Airways for this issue to impact your organization. Any organization that works with third parties or, more so, integrates such third parties into their own systems, is at risk.

Moving Forward
Any organizations concerned about how prepared they are to deal with cybersecurity threats can begin the process of assessing their own readiness and hardening their defenses.

This is a huge topic, certainly too big for this post to cover. That said, there are several high-level steps you can initiate now to get the ball rolling:
  • Identify what your organization’s security policies are as they relate to your supply chain and any third party suppliers involved in it.
  • Despite sounding like a technology problem, cybersecurity is very much a human resource issue! Make sure your team is well-versed in the types of attacks that could harm your organization. The best security system in the world can fall prey to a team member clicking on the wrong link in the wrong phishing email.
  • Confirm if key suppliers are aware of these policies and, more importantly, what their own policies are. A chain is only as strong as the weakest link – any vulnerabilities on your suppliers’ ends could become your own.
  • Bridge the gap by conducting an info exchange with your suppliers to make sure a complete understanding exists on both sides.

Moving forward, ensure that security concerns are discussed as part of any RFP initiatives. If you aren’t asking suppliers to detail their procedures in your RFP questionnaires, now is the time to start.
Without a doubt, your supply chain will be more and more dependent on technology – an area that could very well face a shortfall in resources available to handle it. Take steps now to shore up your security before it is too late.


Share To:

Brian Seipel

Post A Comment:

0 comments so far,add yours