Fewer companies firing staff over data breaches in 2021: study
DUBAI, December 20, 2021
Fewer enterprises globally now fire employees because of data breaches, said leading cyber security company Kaspersky in a new report.
In the META region this common measure in responding to data breaches actually witnessed an increase when comparing the numbers to 2018 (22%) to the27% in 2021, according to the Kaspersky study titled ‘IT Security Economics 2021: Managing the trend of growing IT complexity’.
In 2021 across the META region, though the number slightly increased in the laid off senior IT staff (15% in 2021, compared to 13% in 2018), the figure for senior IT security roles actually decreased (5% in 2021 compared to 15% in 2018) if a data breach occurs.
The split of employees that could lose their job as a result of a cybersecurity breach has also changed. In addition to senior IT and IT security roles, C-level executives are likely to be exposed to dismissals too – 3% in 2021 similar to 3% in 2018. The trend is also relevant for non-IT senior staff. As a result, the overall split across IT and non-IT, senior and non-senior roles, became flatter than a few years ago.
The demand for retaining and nurturing expertise is seen, for example, in budget planning: 30% of enterprises report the need to improve the level of specialist security expertise as the top reason to increase their IT security budget. In fact, this is the second most common reason, followed only by increased complexity of IT infrastructure (38%). Furthermore, by investing in internal specialists, employers are interested in retaining their knowledge within the company so that employees could leverage their skills in future.
“The transfer to remote work and processes has put increased pressure on the information security sector. With cybersecurity jobs in such high demand and skilled professionals in low supply, companies are realizing the value of senior security executives and the need to plug the talent gap,” said Evgeniya Naumova, Executive VP, Corporate Business at Kaspersky.
“As digital transformation intensifies, not only does the need for well-trained professionals grow, but the management's awareness of cybersecurity. Incidents cannot be completely ruled out. The highest possible level of cybersecurity depends on an adequate strategy, represented by IT security experts. We therefore very much welcome positive trends regarding the appreciation of specialized staff,” said Sebastian Artz, Head of Cyber and Information Security at Bitkome.V., Germany´s digital association.
Companies that face the lack of internal expertise can use the following tips to raise the level of their cyber defence:
• Train internal talent. Provide your IT security team with opportunities for additional education, including participation in expert courses or webinars. Specialists will appreciate a company that cares about their professional development and will be able to apply new knowledge to specific organizational processes.
• Encourage employees to share practical experiences and work on varied, non-standard tasks. Cybersecurity workers can also augment their expertise by reaching out to industry leaders that could provide unique knowledge to solve advanced challenges.
• If the lack of resources or expertise has to be solved in the short term, or the existing team is struggling to deal with the increased software security levels and constantly evolving protection technologies, a business can gain help from third-party IT security providers. Managed services from trusted IT security providers combine the most advanced automated tools with professional expert support to ensure timely detection, threat hunting, and remediation. – TradeArabia News Service