U

Find what you are looking for...

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
post
product
Filter by Categories
Blog
Customer Case
Event
Guides
Know-how
Learning Center
News
Solution descriptions
Use Case
Webinar
White paper

Start » Learning Center » Blog » Lack of competence in cybersecurity – a matter for management

Lack of competence in cybersecurity – a matter for management

The need for competencies and competence in cybersecurity is constantly increasing. The reason is of course the digitalisation and the vulnerabilities that it entails. However, there has been a shortage of competence for many years, not only in Sweden, but also globally, within cybersecurity. To address this shortage of competence, all management teams need to take responsibility for cybersecurity work and ensure both prioritisation and resources.

The lack of competence in cybersecurity is large

In 2020, the IT and telecom companies in Sweden published a report in which they estimated that in 2024 there will be a shortage of 70,000 people with competence in IT and digitalisation. The lack of competence in Sweden in this area is thus very large.

However, this is not only a national problem but a global challenge that most countries must deal with. According to the (ISC) study Cybersecurity Workforce Study, it was estimated that there was a lack of over 4 million people with competence in cybersecurity globally.

The problem is that the gap between demand and available competence is increasing with each passing day.

 

Lack of competence

Different competences in cybersecurity are needed

Since 2018, the organisation SOFF (Security and Defense Companies) has conducted surveys regarding the cyber competence needs of the association’s member companies. The 2022 report shows that it is above all specialists who are in demand for new employment. The industry is mostly looking for competencies in security architecture and network security. Two competencies that are both expected to continue to be the most important skills and competencies for companies within the next five years.

At the same time, the demand for people with communicative and analytical skills is also growing, and for companies’ continued development and competitiveness, both technical and communicative and analytical skills are needed.

The lack of competence in cybersecurity is a societal problem

Cybersecurity is one of the biggest challenges for companies today. Many companies, states and authorities operate on a global market and in a totally connected environment. With that comes new threats and demands for security, confidentiality and integrity that must be addressed.

In a time of intense digitalisation, the area has become, and is increasingly becoming, neglected. Demand is increasing and despite scattered efforts being made, society is not succeeding in securing the supply of skills for those who need it. The consequences of digitalisation that are allowed to continue without the support of expertise in information and cybersecurity are difficult to foresee. What can be said with certainty is that trust and secure digitalisation cannot be guaranteed. In Sweden, FRA (Försvarets radioanstalt), the Swedish Armed Forces, MSB (Agency for Civil Protection and Emergency Planning) and the Security Police together with the Police Authority released a report in 2020, Cyber Security in Sweden – Threats, methods, shortcomings and dependencies, where they state that the lack of relevant expertise in cybersecurity is a societal problem.

To secure the supply of competence in cybersecurity, it is required that more people are trained in the area in the coming years. But it is also necessary that more people prioritise the work with cybersecurity.

 

Management

Management needs to take responsibility for cybersecurity

To secure society, all management teams need to take responsibility for, and do their part in, the work with cybersecurity. What needs to be done is the following:

  1. A strategic decision about the company’s security work needs to be made and this must then be followed up continuously. This needs to be an issue that is raised at all management and board meetings!
  2. It needs to be clarified at all levels within the organisation how important and prioritised work with cybersecurity is and the management then needs to step in and continuously support the work with cybersecurity.
  3. There is a need to recruit specialists in cybersecurity, something that is not always easy as there are not enough trained people.
  4. In addition, you need to train your entire organisation in security. That is, create a security culture. Security culture is about how employees’ values affect the way they think and act in relation to risk and security. It is therefore of great importance for how you work and affect the employees on a daily basis. By raising the general security mindset, one can avoid most common mistakes that lead to successful cyberattacks.

 

Do you feel that you need help getting started with cybersecurity? Then you can read our guide!

Do you need more help with how to solve your security problems? Then you are welcome to contact us at Advenica!

 

 

Related articles

Why investing in cyber resilience is crucial to our society

Why investing in cyber resilience is crucial to our society

With the digital development and cyberattacks increasing, it becomes more and more important that all of society works with cyber resilience. But what is the difference between cyber resilience and cybersecurity? And what is needed in a cyber resilience strategy? In this blog we give you the answers.

Data diodes – a security solution that is secure for many years

Data diodes – a security solution that is secure for many years

When choosing a security solution, there are many aspects to take into account. An important aspect is the lifetime of the solution you choose, that is, how long the solution will actually be as secure as when you bought it, regardless of what new threats and vulnerabilities that emerge. This is one of the reasons why you should choose data diodes as your security solution!

Why is it important to be able to trust digital information?

Why is it important to be able to trust digital information?

Today, much of the information we handle and take in is digital. But how do we know that we can trust the information we read? It is more important than ever that all organisations take responsibility for protecting their information, ensuring that it is accurate and trustworthy. In this blog post, you can learn why information security is so important and what you can do to protect your digital information!

Data diodes – the simple way to secure your valuable information

Data diodes – the simple way to secure your valuable information

When NIS 2 becomes law and authorities will be able to carry out audits to see if organisations meet the requirements of the legislation, it is important to have good documentation of the technical solutions that safeguard your systems. Does your organisation have such clear documentation? The organisations that use data diodes to protect their sensitive information have a simple solution with a high level of security. This makes it easier to gain confidence in the security of the audited system which facilitates an audit and means, among other things, that you need less documentation. Maybe it is time to switch to data diodes?

Explore more