Angara Security HR Director Oksana Tkacheva points out SIEM

[tanjimajuha20]

Anastasia Fedorova believes that the shortage is felt in various positions, from engineers to management personnel: "The issue is especially acute with specialists who ensure the protection of critical information infrastructure facilities, SOC experts and security system architects. The deficit can be filled by focusing on working with junior specialists. Almost every major player in the market has its own programs for working with students and interns. The situation can be corrected by popularizing work in the field of information security for young people who are at the start of their careers and are just choosing a specialization."

maintenance engineers, system japan whatsapp number database architects, security analysis specialists, DevSecOps and digital forensics among problematic positions. In her opinion, the fact that the average length of service of employees in companies is changing has a negative impact: "Employees do not strive to work for a long time in one company, which complicates planning for the timing and quality of products. This is due to both personal priorities and the work model. Hybrid has entered our lives for a very long time."

"The shortage of personnel in information security is very large. We have to actively search for specialists, using all available means: personal contacts, social media, hunting. It is not enough to post a vacancy and expect that the right specialist will respond to it soon. It is often easier to train a young specialist than to find a ready one, - shares his observations Dmitry Kuzevanov, Director of the UserGate Monitoring and Response Center. - In general, there is a shortage in all positions. A little less for senior managers. But in full, if we talk about entry-level and mid-level specialists. In addition, after the departure of most foreign information security vendors from the Russian market, a large shortage is observed among specialties related to the development of information security products. Previously, a significant part of the work of information security specialists was associated with the implementation of foreign solutions, working with regulatory documentation. Now the time has come to develop their own solutions. Companies that have already been engaged in their own development are in a slightly better position. Over the years, they have built teams and processes. Now, when the demand for their products has increased many times over and they need to scale their work, they also need additional hands and brains. But they already have the core of the team, knowledge and experience that need to be transferred to new employees."

According to Natalia Yagovkina, stereotypes are a major obstacle to the influx of new personnel: "Many of us still see information security more as documentation work. The preparation of papers, requirements, orders, maps and regulations. There is, indeed, a lot of this, but that is not all. Well, there are also many stereotypes covering the information security sphere that are no longer very true, which many young people are simply afraid of. Therefore, reliable information is needed about what an information security specialist does and can do in commercial companies. There are many tasks, they are diverse and for every taste."