Well, this is interesting.
“Now, a new study from non-profit (ISC)2 drawing on survey responses from more than 11,000 cybersecurity practitioners and decisionmakers offers a more or less decisive answer to the argument: the problem lies mostly with organizations that fail to invest enough into developing their cybersecurity workforce, not a shortage of available talent.
“This analysis suggests that the most negatively impactful issues are ones that organizations can indeed control: not prioritizing cybersecurity, not sufficiently training staff, and not offering opportunities for growth and promotion. Being able to find qualified talent was actually the least impactful problem based on this analysis,” the report stated.”
Organizations that like to complain about not being able to find talent but also don’t bother to develop it are just leeches on their industry. Do you want more people skilled in cybersecurity or any other skill you’re having trouble finding? Teach it. Develop it. Grow it.
It’s not easy, but that’s how you address a lack of skilled workers. Educational and systemic changes are going to take way too long.