72%: this is the share of companies internationally who believe that the lack of cyber security talent creates more risks for their company (70% in France). A figure emerging from report “Global Security Skills Gap Report”, published by the American company Fortieth which publishes cyber security software, services and equipment.
Companies are more vulnerable to cyber attacks
The survey was conducted in January 2024 among 1,850 cybersecurity and IT managers from 29 different countries, in companies with 100 to more than 5,000 employees. Among these 1,850 managers, 87% believe that a security incident occurring in their systems can be partly attributed to a lack of cybersecurity skills (76% in France). This is three points more than 2023 and seven points more than 2022.
This observation is even more important as more than half of managers estimate the costs and financial losses associated with a breach of their systems to be $1 million or more (43% in France). In addition, 51% of professionals surveyed said directors or senior executives have suffered financial or criminal sanctions or dismissal following a cyber attack. French employees (nearly 200) consider themselves half concerned (26%).
Seven out of ten companies are willing to finance an employee’s certification
To recruit professionals in cyber defense, surveyed companies prefer continuing education and certification, i.e. validation of knowledge in the field. Thus, certified profiles are a priority for 90% of recruiters, a figure that rises to 98% for French companies. Faced with a lack of applicants, four out of five managers say they are willing to finance an employee’s cybersecurity certification. 72% of them also experience difficulties in recruiting profiles with certificates.
On the occasion of the InCyber Forum held in March in Lille, Vincent Strubel, Director General of the National Agency for the Security of Information Systems (Anssi) regretted the lack of attractiveness of the sector. A problem closely related to the poor perception of the various professions in the sector.
An obvious labor shortage
To meet these recruitment needs, some companies do not hesitate to turn to new, less conventional and traditional profiles. However, half of French companies continue to prefer candidates who have completed a specialized course for several years, and two-thirds of them only hire candidates who have completed the traditional course.
Next another report published last year by the association of cybersecurity professionals ICS2, 4 million new professionals will be needed to close the gap between demand and supply in this field. The difference is 12.6% greater than the previous year.