If there is one occupation that continues to dominate demand in tech hiring, it is cybersecurity.

Demand for cybersecurity staff has skyrocketed since “remote work” entered the lexicon and companies doubled down on digital assets as a way to prepare for future uncertainty.

The post-pandemic tech boom has been a boon to tech-savvy professionals with all their knowledge of software, but businesses are exposed to more dangers than ever before in cyberspace.

As threats from ransomware, malware, and intellectual property theft become all too real for businesses, recruiters are turning to cybersecurity experts to keep their businesses safe. The problem is that there aren’t enough of them anywhere to come and go, and much of the cybersecurity industry is starting to drop out due to stress and burnout.

There are many factors underpinning the shortage of skilled technical talent in the workforce, but one of the big ones is that technology is evolving at an alarming rate, which skills are still applicable in the medium to long term. (although coding is generally a safe bet).

However, management decisions are hampering companies’ efforts to adequately defend against cyberthreats. Leaders absolutely need cybersecurity expertise in their teams, but aren’t necessarily willing to pay for it. Or, to be more precise, they are not going to pay enough.

According to a recent O’Reilly report, only a third of HR decision makers at UK tech companies will spend more than 10,000 ($11,600) on cybersecurity-related recruitment, learning and development over the next 12 months. It turns out that there is an intention. Given that more than half of cyberattacks cause businesses more than her $100,000 in damage, an employer invests his tenth of this amount to stop such attacks from occurring. It’s amazing how hesitant you are.

Budgets are always a contentious topic in business, especially when many IT leaders don’t have a say yet, and for what may not happen (even though it might) It is difficult to persuade company management to invest in something invisible. In corporate decisions, even those related to technology.

But 10,000 doesn’t seem like a big deal when you consider how much employers spend on giant offices and glitzy corporate hubs that are only used once or twice a week. One way companies can budget for technical training is to figure out how much office space they actually need and shrink accordingly.

But while money is an important factor, it’s only one part of the multifaceted cybersecurity skills problem. Many businesses still don’t have the right mindset to effectively navigate increasingly complex work environments. It is usually the result of leadership.

Just like employees, business leaders were thrown into remote work in 2020 with little planning or preparation. They were busy shipping laptops, setting up VPNs, and monitoring employees who suddenly disappeared, but what does such a massive disruption in workplaces and IT practices mean to cybersecurity in the long run? Few people were thinking of doing it.

Many leaders still do not address this issue, instead adopting a “set it and forget it” attitude towards cloud apps and security software that do not offer a holistic approach to risk management.

The scale of the problem was highlighted in an October report from cybersecurity firm Savanti. In a survey of 800 global directors, 83% identified cybersecurity as a top priority, but simply requesting an IT security update or auditing their company’s cyber readiness could Less than half, if any, took concrete steps.

The report also found that Chief Information Security Officers (CISOs) are recruited, managed and measured as technical experts rather than business leaders. So when you make a big strategic decision, there’s no one in the room who can explain how it affects IT and cybersecurity.

No wonder so many IT leaders are fed up with not being listened to. That’s probably why, according to Savanti, the average CISO tenure is just 2.3 years for him.

The good news is that most companies are beginning to realize that they can no longer remain silent on cybersecurity issues. If you haven’t been the victim of an attack or attempted an attack before, you almost certainly know of a company that has been, or could have been better prepared than you were.

The intense media focus on cybersecurity is another motivation for companies to stay out of the limelight. Falling prey to a cyberattack is ugly and the financial, operational and human impact can be devastating as a business tries to cope. with the recession.

As we approach 2023, businesses must balance costs against the growing need for technology skills. But cybersecurity cannot be an afterthought if leaders are serious about building resilience and facing a year of uncertainty.

