All businesses must step up their investment in cybersecurity, which is currently inadequate in several industry sectors, and countries need to do better in prosecuting cybercriminals, the majority of which are getting away scot-free. While some industries traditionally had higher impetus to invest in cybersecurity, such as banking and financial institutions, other organisations also would face high risks as they moved to digitise their systems and processes. Speaking at the Financial Times' Cyber Security Summit held in Singapore Wednesday, Minister for Communications and Information Yaacob Ibrahim said cybersecurity should not be seen as a cost, but as an investment to manage risk. Weak cyber defences suffering from underinvestment could be breached more easily, leading to disruption of business activities and significant losses," said Yaacob, who is also Minister-in-Charge of Cyber Security. He referred to the 2015 cyberattack on French television network, TV5Monde, which disrupted its broadcasts and social media platforms.
After talking about the CISOs role in mergers and acquisitions, it's time we examine the shortage mentioned above, offer short and long-term solutions, and give guidance on how Chief Information Security Officers (CISOs) can be proactive and provide leadership to mitigate the issue. A recent report by Cybersecurity Ventures predicted that the existing cybersecurity workforce gap will increase to 1.5 million job openings by 2019. Some experts predict there will be a global shortage of two million cybersecurity professionals by 2019. Whether it is 1.5 million (July 2016) or two million (March 2017), there is a huge gap in cybersecurity skill sets that is affecting every vertical market. While no one CISO can win this battle, with our combined skills we can collectively mitigate the risk to an acceptable level.
If 2017 has taught us anything, it's that nothing is safe. Some poor MBA home alone for the holidays is probably still crunching the final numbers, but this year will likely turn out to be one of the worst in terms of cybersecurity breaches. Almost two billion records were lost or stolen globally in the first half of 2017. The Equifax breach was probably the most infamous, but there were plenty of other headline-grabbing cyber attacks, including the use of hacking tools developed by the National Security Agency. Storing private data on post-it notes taped around a computer monitor seems like a more secure choice these days.
That's how many unfilled cybersecurity jobs there are expected to be by 2021 -- more than the entire population of Iowa -- according to Cybersecurity Ventures. It's also up from 1 million in 2016, a 250% increase in five years, at a time when cybersecurity is becoming even more vital to protecting our way of life. The industry has been talking about this talent gap for some time, but the speed at which the problem is growing is startling. And unless we do something to address the issue, things will keep getting worse, putting not only the future of the cybersecurity industry at risk but jeopardizing the safety of millions of individuals, businesses, and institutions worldwide. To cure the problem, we must first understand the root cause.