According to a study conducted by Dimensional Research among 500 IT security professionals, only twenty-five percent were confident their organizations have the number of skilled cyber security experts needed to effectively detect and respond to a serious cyber security breach.
Are you confident that your organization has enough skilled cyber security experts to detect and respond to a serious cyber security breach?
Sixty-six percent of the respondents said their organization faced increased security risks due to the lack of skilled cyber security experts.
Despite the high demand for skilled cyber security professionals, businesses have encountered a shortage in the workforce. A 2015 study by Frost & Sullivan estimates that by 2020 there will be a shortfall of 1.5 million trained cyber security professionals.
“Cyber security is a growth industry for employees, and supply is falling far short of demand,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “Smart organizations need to establish effective programs for educating and developing employee skills around information protection. Having the right tools is only part of the solution. A lack of cyber security skills not only degrades an organization’s ability to respond to incidents, it also inhibits organizations from developing and deploying effective prevention.”
Additional findings from the survey included:
- Seventy-two percent of the respondents had challenges hiring skilled cyber security experts.
- Half of the respondents (fifty percent) said their organizations do not have an effective program to recruit, train and retain skilled cyber security experts.
- Sixty-nine percent of the respondents have attempted to use technology solutions to fill a gap left by a lack of skilled cyber security experts.
Does your organization have an effective program to recruit, train and retain skilled cyber security experts?
Erlin continued: “While tools can’t replace people, effective automation can give skilled employees more time to spend on the tough problems. Organizations should examine where their cyber security teams are investing manual effort into tasks that could be automated. Reducing and removing tedious, manual work can help improve employee retention as well.”