Cybersecurity Resource Limitations Loom Large for IT
Among the challenges facing IT security management, “corporate security demands still outpace the available talent at alarming rates,” according to a new study released by Trustwave and conducted by Osterman Research. “The study shows that a fast-moving confluence of skills shortages, worsening threats, and disproportionate spending habits is leaving organizations increasingly vulnerable to data breaches, malware, phishing, and a variety of other information security problems that can have serious or even devastating consequences,” the security firm said in a press release.
The survey of 147 IT security “decision makers and influencers” reported that 57 percent said finding and recruiting skilled IT talent is a “significant” or “major” challenge. Only 18 percent believed 75 percent or more of their staff has the skill sets to deal with complex issues, and roughly 10 percent said it is “very likely” they will have appropriate staff to meet future security demands. Forty percent said the most inadequate skill sets are in emerging and evolving security threats.
“The shortage of staff able to solve complex security issues is an industry problem that continues to worsen, but the way organizations are going about filling this void is all wrong. Typical recruiting methods are not proving fruitful, yet we keep seeing enterprises simply throwing bodies at the problem when what is really needed is a better staff training, more budget support to hire the right personnel, and additional assistance from experienced third-party experts…,” said Trustwave Senior Vice President of Managed Security Services Chris Schueler.
Other key findings from the report include the following:
- Turnover is higher among IT security professionals than in other departments, according to 36 percent of respondents.
- Twenty-four percent of respondents have “complete control” of their annual IT security budget, while 24 percent have “little to no control.”
- Seventy percent of respondents reported “disagreements between IT and senior management on budget and staffing issues.”
- One-third of respondents find it difficult to identify the IT security skills and competencies needed.