Hey, remember the data breach, announced last year, that compromised 500 million user Yahoo! user accounts? Remember how Yahoo! followed that up by announcing a second, separate incident that involved 1 billion compromised accounts? In case either of those slipped your mind, on Wednesday Yahoo! announced that they “may have” experienced yet another data breach. Naturally enough, perhaps, Yahoo! laid these nefarious deeds at the doorstep of state-sponsored hackers. They didn’t name any particular countries, but cybersecurity experts are pointing the finger of blame at either China or Russia.
While Yahoo! hasn’t released information on the size of the new breach, they did send notifications to affected users saying that the intrusion came about through a forged cookie, which they have since invalidated so that “it cannot be used again.” Nothing like closing the barn door after the horse has escaped. Makes you wonder why anyone still uses Yahoo!
The internet is a great thing. Unfortunately, like so many grand and worthwhile creations, the worldwide web is susceptible to the malicious intent of ill-meaning con men, cheaters, and crooks. The creativeness of the legions of black-hat hackers has pushed the demand for skilled cybersecurity pros through the roof. After all, someone has to secure the mountain ranges of data gathered and stored online, as well as the systems used to accomplish that gathering and storage.
Unfortunately, there is a huge cybersecurity skills gap between talent that is needed and talent that is actually available. ISACA’s State of Cyber Security 2017 report found that, according to 37 percent of respondents, “fewer than one in four candidates (for open cybersecurity jobs) had the qualifications employers need to keep companies secure.”
This is good news if you’re a certified IT security pro — especially when you consider that hiring managers aren’t exactly enamored with recent college graduates. “The survey underscores a fundamental disconnect between employer expectations and what candidates can actually bring to the table,” said Matt Loeb, ISACA CEO. “Employers are looking for candidates to make up for lost time, but that doesn’t necessarily mean a significant academic investment. Many organizations place more weight in real-world experience and performance-based certifications and training that require far less time than a full degree program.”
The report also found that:
- 45 percent of IT hiring managers don’t believe most job applicants understand the business of cybersecurity.
- 55 percent said practical, hands-on experience is the most important cybersecurity qualification.
- 69 percent of organizations are requiring a security certification for open positions and most view certifications as equally, if not more, important than formal education.
It’s clear that filling cybersecurity positions isn’t easy. One in four companies reported that it usually takes at least six months, and often longer, to find the right applicant. It’s even crazier in Europe, where almost one-third of job openings go unfulfilled.
Not only is cybersecurity a target-rich environment for job seekers, there just isn’t that much competition. A typical corporate job opening will receive between 60 and 250 applicants, while just 59 percent of organizations in ISACA’s survey reported receiving at least five applications for open cybersecurity jobs. Just 13 percent received 20 or more applicants.
The best way to close this cybersecurity gap is with a certification, and one of the best to start with is TestOut Security Pro. Security Pro is a comprehensive security courseware containing 60 lab simulations, and more than 1,000 practice exam questions that will give you the knowledge and experience needed to break into the industry as an entry-level IT security administrator. With Security Pro you will gain the skills employers are looking for by having practiced them in hands-on scenarios.
You may not have been anyone’s special valentine, but President’s Day is almost here. What better way to show your respect for Honest Abe, as well as the Father of Our Country, than by equipping yourself with some comprehensive cybersecurity training?
About the Author — Calvin Harper is an associate editor for GoCertify and a veteran of the publishing industry. Calvin wants to know how many of the 1.5 billion (and counting) compromised Yahoo! user accounts are sporadically monitored shell accounts used to complete internet signups and deflect junk mail.