Cipher identifies the key professions needed to protect organizations from Cyber Threats

Madrid, 2nd April, 2024 – The rapid advances being made in information technologies and digitalization increasingly require organizations to take a proactive approach to improving cybersecurity if they are to avoid compromising their critical infrastructure.

In short, this means creating a highly skilled and up-to-date cybersecurity workforce. However, the current supply and demand gap for these profiles, can lead to security breaches, economic losses, and reputational damage for organizations.

Highlighting the problem, Spain’s National Institute of Cybersecurity (INCIBE), says 83,000 new professionals will be needed in the field this year, but that there will be a significant shortfall in candidates

Adressing this critical challenge, Cipher, the cybersecurity division of the Prosegur Group, stresses the urgency of promoting training and talent development in cybersecurity, identifying key areas and highly qualified professional profiles that are relevant to ensure the protection of organizations and the continuity of their systems and business networks against cyber threats:

Cloud Security Specialist (Cloud Computing): The mass adoption of cloud services has transformed the way businesses operate, offering flexibility, scalability and efficiency. However, it also introduces new attack vectors and security management complexities. In this sense, there is a high demand today for professionals with expertise in cloud security, specifically related to platforms such as AWS, Azure and Google Cloud Platform, as well as cloud security architecture specialists who can design and implement security architectures that protect data and applications in hybrid, public and private cloud environments.

AI and Machine Learning Security Expert: AI and ML are revolutionizing the field of cybersecurity, enabling organizations to detect and respond to threats in real time with unprecedented accuracy. With this trend comes a growing demand for professionals trained in AI and ML and their application to advanced threat prevention who can use these advances to identify complex patterns and detect advanced threats that evade traditional defenses. These professionals must also be able to implement solutions that use AI to automate security incident response, reducing response time and workload for security teams.

Blockchain Security Specialist: Although best known for its use in cryptocurrency, blockchain has significant applications in cybersecurity, particularly in data integrity and identity management. This requires individuals who are skilled in using blockchain technology to secure transactions and protect data from tampering, as well as implementing blockchain-based identity management solutions that help improve security and privacy.

IoT Security Professional: With the proliferation of IoT devices, the security of these devices has become a critical aspect in the enterprise environment. This is an area that requires professionals who specialize in developing policies and technologies to protect IoT devices from attacks and secure communication between devices, as well as assessing and proactively managing vulnerabilities in these types of devices, including updating and patching.

DevScOps experts, adversary simulation specialists, and compliance: In addition to the areas already mentioned, professionals with cross-cutting skills and knowledge of emerging trends are needed to ensure organizations are protected. For example, there is a high demand for individuals with experience in DevSecOps (development, security and operations), which involves integrating security practices into the software development lifecycle and fostering collaboration between development, operations and security teams.

Security standards expert (cross-cutting skills and emerging trends): Organizations also need experts with knowledge of adversary simulation techniques (purple teaming) who can conduct attack and defense exercises to improve the organization's security posture. In addition, organizations need professionals with knowledge of sector-specific legislation such as NIS2 and standards such as ISO 27001 to meet compliance requirements. These types of profiles will be among the most sought after by organizations.