Skip to main content

One in two cybersecurity professionals say formal education useless in current job

20 March 2024

Amid acute shortages of cybersecurity professionals, acting information security (InfoSec) experts are questioning the relevance of the formal education they received, Kaspersky’s new global research shows. The survey revealed that one in two cybersecurity professionals were not able to confirm the usefulness of their academic training when it came to helping them in their current role. As a result, these experts have to invest their resources in further training to tackle the ever-evolving threat landscape and keep up with industry developments.

According to ISC2, the world’s leading organisation for cybersecurity professionals, the existing cybersecurity workforce needs to grow almost two-fold to run at full capacity and support the global economy. To explore the root causes for the current cybersecurity skills shortage and the lack of InfoSec professionals, Kaspersky commissioned a global study¹ that takes a closer look at the educational aspects of the problem and the influence it has on the career paths of these experts.

Many InfoSec experts point out that the education system is detached from the realities of cybersecurity, resulting in a lack of applicability when it comes to real-life work experience: almost every other professional believes the knowledge taught in formal education was somewhat (14%), slightly (13%) useful or of no use at all (24%) when it came to fulfilling their job duties.

To determine the factors that might be holding back the educational field, respondents were asked additional questions. Less than half of respondents said their college or university programme offered them hands-on experience in real-life cybersecurity scenarios as live projects: 23% ‘strongly agreed’ with this statement, and 26% ‘somewhat agreed.’ In addition, access to the latest technologies and equipment, and the quality of internships emerged as the weakest aspects of cybersecurity education.

While one issue is the quality and relevance of educational programmes, another is the availability of cybersecurity and InfoSec training per se. For instance, half of current cybersecurity experts believe that the availability of cybersecurity or information security courses in formal higher education is either ‘poor,’ or ‘very poor.’ Among professionals with 2-5-years of experience, this figure soars to more than 80%.

“Cybersecurity education is facing certain challenges when it comes to keeping up with developments in the cybersecurity industry,” comments Evgeniya Russkikh, Head of Cybersecurity Education at Kaspersky. “The rapidly evolving nature of cyber threats means that educational programmes often struggle to ensure their content is up to date, leaving cybersecurity professionals with knowledge gaps. At Kaspersky, we help universities overcome these challenges and ensure continual learning and adaptation for young professionals by integrating the leading expertise of our industry experts into educational curriculums so that they combine practical hands-on experience with theoretical knowledge.”

The full report and more insights on the human impact on cybersecurity in business are available via this link.

To tackle the cybersecurity skills shortage, Kaspersky suggests a multi-faceted approach focused on the academic field, the InfoSec workforce, and businesses:

  • Higher education institutions can upgrade their curriculums by partnering with cybersecurity players and integrating the latest industry knowledge into their training programmes. Kaspersky has a special programme for universities to integrate cybersecurity expertise: the Kaspersky Academy Alliance, which offers programme participants access to world-class knowledge on cyberthreats, lectures and training sessions, as well as the latest technologies.
  • Young professionals can supplement their academic training with real-life job experience by completing an internship in an information security or R&D departments. Follow the news on Kaspersky’s LinkedIn page to be the first to find out about openings in the internship programme.
  • International competitions run by various companies and organisations also provide cybersecurity professionals with a chance to develop their skills by solving various cybersecurity challenges. Kaspersky runs the Secur’IT Cup, a global competition for students from all over the world and from various academic backgrounds. Participants have the chance to compete for an award while building an understanding of what it is like to work in the industry. 
  • Acting cybersecurity professionals can opt for continuous learning, undertaking additional training courses and certifications. Kaspersky provides a wide range of knowledge on information security for IT professionals, offering both professional education for individuals and corporate training.

Reference:

¹The research was conducted with 1,012 InfoSec professionals in 29 countries: USA, DACH (Germany, Austria, Switzerland), UK, France, Italy, Spain, Benelux (Belgium, Netherlands and Luxembourg), Brazil, Mexico, Argentina, Colombia and Chile, Saudi Arabia, UAE, Turkey, South Africa, Nigeria, Egypt, India, Japan, China, Malaysia, Singapore, Indonesia, Russia.

One in two cybersecurity professionals say formal education useless in current job

Amid acute shortages of cybersecurity professionals, acting information security (InfoSec) experts are questioning the relevance of the formal education they received, Kaspersky’s new global research shows. The survey revealed that one in two cybersecurity professionals were not able to confirm the usefulness of their academic training when it came to helping them in their current role. As a result, these experts have to invest their resources in further training to tackle the ever-evolving threat landscape and keep up with industry developments.
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases