Earlier this year, the World Economic Forum (WEF) reported that there is a widening skills gap in cybersecurity. The article cites that in 2022, ISC found that 3.4M more skilled cybersecurity professionals are needed globally, which is more than 2x the gap in 2019. During that time, according to the Verizon Data Breach Investigation Report, there has been a 13% increase in ransomware breaches. The cost of a breach continues to skyrocket as well. Statista is projecting that the global cost of cybercrime will grow from $8.4T in 2022 to almost $24T in 2027. With this much at stake, the skills gap could literally cripple some industries.
Fortinet is one of the biggest security vendors and is revamping its Network Security Expert (NSE) Certification program to address the talent shortage in the cybersecurity field. At its recent Fortinet Accelerate 2023 user event, skills gap was a big topic with the company but also with the partners and customers. The vendor wants to upskill existing security professionals and provide opportunities for those entering the field by aligning the training curriculum with different cyber career pathways.
Fortinet established its NSE Certification program in 2015 and has since made several changes to the program, catering to the diverse skillsets and expertise levels of security professionals. At the event, Fortinet announced that the program will now have new certification designations, including:
- Fortinet Certified Expert (FCX): Evolving from NSE 8, this represents the highest proficiency in network security design, configuration, and troubleshooting for complex networks.
- Fortinet Certified Engineer (FCE): Specializing in cybersecurity solutions and advanced skills in key areas like zero trust network access (ZTNA), network security, public cloud security, security operations, and operational technology (OT) security.
- Fortinet Certified Professional (FCP): Focusing on role-based training in network security, public cloud security, and security operations.
- Fortinet Certified Associate (FCA): Centering on cybersecurity technology, network security, and the technical aspects of next-generation firewalls.
- Fortinet Certified Fundamentals (FCF): Covering foundational knowledge and skills for operating cybersecurity products and solutions, including courses on the threat landscape and cybersecurity basics.
Security teams should update their skills regularly to combat the evolving threat landscape. By enhancing the training curriculum, Fortinet hopes to benefit both individuals and organizations that require skilled talent. According to the vendor, existing NSE Certification holders will experience a smooth transition to the revamped program, with the enhancements gradually rolling out and a full transition expected by fall 2023.
Fortinet also announced expanded cybersecurity education efforts through its Training Institute, which aims to train a million people by 2026. This includes collaborating with public and private sectors to provide virtual internships in India. The Training Institute is on a mission to surpass 500 academic partners globally by adding new partnerships like Ecole 2600 in France, which has integrated Fortinet’s training curriculum.
As part of the training effort, Fortinet is further developing OT security skills by collaborating with Purdue University to use Fortinet’s donated hardware and software for its Smart Manufacturing Institute. Additionally, Fortinet is expanding free offerings for fundamental cyber awareness across 30,000 schools in the UK, and it’s increasing access to technical training for security professionals through the Authorized Training Center (ATC) program in Italy and the Czech Republic.
There is a lot of industry chatter regarding the loss of jobs due to automation and artificial intelligence (AI). IT professionals must prioritize re-skilling to ensure they remain marketable as the industry changes and security represents one of the biggest areas of growth. Fortinet’s certification programs provide a roadmap of skill progression from entry level to the highest level of security professional.
Zeus Kerravala is the founder and principal analyst with ZK Research.
(Read his other Network Computing articles here.)