Skip to main content

Over half of cybersecurity expert admits lack of knowledge prompted mistakes at work

February 12, 2024

Woburn, MA – February 12, 2024 — With human error causing nearly two-thirds of all cyber incidents in the past two years, more than 50 percent of current cybersecurity professionals admit they made mistakes early in their career due to a lack of theoretical or practical knowledge, a new global study commissioned by Kaspersky has found[1].

Over the past two years, organizations have suffered at least one cyber incident due to a lack of qualified cybersecurity staff. While sourcing more qualified cybersecurity staff might be one of the solutions to tackle this problem, businesses worldwide are facing a severe lack of information security (InfoSec) professionals. According to current estimates, the cyber-workforce shortfall totals nearly 4 million.

The general cybersecurity skills gap is accompanied by the fact that many new starters in the industry must cope with the gaps in practical and theoretical knowledge, resulting in initial struggles and making errors in their job. Failure to update software (43%), using weak or guessable passwords (42%) and neglecting to perform backups in a timely manner (40%) turned out to be some of the most common mistakes made by InfoSec professionals worldwide early in their careers. In North America, the use of outdated security measures was also a common mistake cybersecurity experts made at the beginning of their career.

As cybersecurity professionals acknowledge they might not have had the required skillset and hands-on experience when entering the field, some point at additional difficulties with jump-starting their careers. Despite the cyber industry continuously reporting a workforce gap, 34 percent of respondents claim to have had three or more failed interviews before being selected for an InfoSec role.

It’s no secret that formal training programs often struggle to keep up with industry developments, and that is especially true for the cybersecurity field,” comments Marina Alekseeva, chief human resources officer at Kaspersky. “The fact that many employees in the market might have limited practical skills or gaps in their knowledge underlines the importance of a comprehensive onboarding process with a focus on peer learning and means companies must pay more attention to the upskilling of their employees.”

Initial challenges cybersecurity experts face when they join the industry may explain why nearly half of InfoSec professionals (46%) say that it took them more than a year to feel comfortable in their first cybersecurity roles. While 31 percent of respondents managed to get to grips with their job within one or two years, fewer than 10 percent of respondents said the process took them two to three years (9%) and more than three years (6%).

The full report and more insights on the educational background of cybersecurity experts and the initial struggles they faced in their careers are available via this link.

To tackle the knowledge gap and ensure a smoother integration of cybersecurity workforce into the workflow, Kaspersky recommends a series of both preventive and reactive measures:

  • At an educational level, training programs should be updated and become more flexible and agile, which can be achieved through collaboration with industry players and experts. Kaspersky contributes to this process by running a special program for universities — the Kaspersky Academy Alliance — which integrates cybersecurity expertise, offering program participants access to lectures and training sessions as well as the latest technologies.
  • Those who only plan to join the cybersecurity field can acquire experience in real-life cybersecurity scenario handling by completing an internship in an information security or research and development department. Another opportunity to boost practical skills is the participation in international competitions or Capture the Flag events. Follow the news on Kaspersky’s LinkedIn page to be the first to find out about openings in our internship program and updates regarding our global competition for students Secur’IT Cup.
  • Businesses can invest in upskilling programs for their corporate staff, helping the latter get new knowledge and skills, and remain competitive. Kaspersky provides a wide range of dedicated training programs for information security professionals, offering both professional education for individuals and corporate training.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Media Contact:

Cassandra Faro

Cassandra.Faro@Kaspersky.com

781-503-1812

 



[1] The research was conducted with 1,012 InfoSec professionals in 29 countries: USA, DACH (Germany, Austria, Switzerland), UK, France, Italy, Spain, Benelux (Belgium, Netherlands and Luxembourg), Brazil, Mexico, Argentina, Colombia and Chile, Saudi Arabia, UAE, Turkey, South Africa, Nigeria, Egypt, India, Japan, China, Malaysia, Singapore, Indonesia, Russia.

Over half of cybersecurity expert admits lack of knowledge prompted mistakes at work

Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases