The talent shortage is widening. But, Kate O'Flaherty asks, what specific skills is the industry lacking and how can it fill the gap?
Ojas Rege argues that CISOs and CEOs who broaden their cyber-security messages beyond the need for defence can create organisations that embrace innovation and drive performance.
Just as phishing has evolved, the way organisations detect and deflect these malicious messages must also change, looking at each distinct stages to a phishing attack - before, during and after.
Training that doesn't take into account the way humans learn and consume knowledge is never going to work.The way cyber-security is taught in workplaces is that it's usually anything but academic.
Recent research shows 41 per cent of UK respondents stating that they have complete trust in employees with privileged access. This isn't a good position to be in.
The book "Cybersecurity for Dummies," is now available free electronically and in print. It is designed to give all employees a practical understanding of cyber-security basics.
Organisations must begin efforts to secure the supply chain by first understanding their own position in it, and that of the multitude of "supply chains within supply chains" that may exist around them, managing that risk.
Some departing employees have no loyalties to their previous employer, so it is imperative that deprovisioning employees' corporate access on their last day is an absolute priority.
Organisations should create an environment where people feel comfortable discussing data security. If you can create a culture that values the importance of IT security, it can help minimise internal threats.
You'd think hackers will attempt social engineering exploits on your privileged users. In reality, it is more likely they will aim for a softer initial target. But once within the network, hackers will move onto their true target, the privileged user.
It is vital to ensure that employees are aware of and educated about a company's implemented security policy, know the best practice means of transmission and storage of corporate data, and have the tools they need to do their jobs.
Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.
Debbie Garside says simple end-user error is the biggest risk you face when it comes to data. But instead of end users facing the sack for making honest mistakes employers should be putting systems in place that protect them.
Creating policies that prevent users from exposing the company to threats while maintaining business continuity takes the maximum amount of risk off the table says Sam Hutton.
People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.
Rory Duncan advocates breaking down traditional silos within organisations, and creating a culture of openness as security affects everyone and if organisations tackle these challenges together, the benefits will be far greater.
Security tools are useful, but as Edewede Oriwoh explains, we also need to support our staff within an overall cyber-security strategy where employees are engaged and involved and come to own some of the security processes.