- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
(ISC)2 report says security departments are understaffed
Results of an annual Global Information Security Workforce Study from (ISC)2 claims two-thirds of the world's CISOs are understaffed. Are you?
A panel discussion at RSA later today will look at results of the sixth annual Global Information Security Workforce Study (GISWS) from education and certification provider (ISC)2.
“The Threat Horizon: The 2013 Global Information Security Workforce Study,” delves into what (ISC)2 officials say is a troubling shortage of skilled security professionals that is having a ripple effect on the global economy.
The study surveyed more than 12,000 information security professionals. More than half – 56 percent - of CISOs surveyed for the report feel their security organizations are short-staffed.
From a release on the study:
“Many organizations (15 percent) are not able to put a timeframe on their ability to recover from an attack, even though service downtime is one of the highest priorities for nearly three-quarters of respondents. The data concludes that the major shortage of skilled cyber security professionals is negatively impacting organizations and their customers, leading to more frequent and costly data breaches.”
While the shortage is making response time difficult for those in charge, (ISC)2 says it is good news for security professionals who are enjoying stable employment. Over 80 percent of respondents reported no change in employer or employment in the last year, and 58 percent reported receiving a raise in the last year. The number of professionals is projected to grow steady globally by more than 11 percent annually over the next five years, according to (ISC)2 officials.
[Get the latest career and staffing news and advice with the CSO Career bi-monthly email newsletter. It's free - sign up now! ]
The report finds that hactivism (43 percent), cyber-terrorism (44 percent), and hacking (56 percent) are among the top concerns identified by respondents. 78 percent of respondents said BYOD technology is a significant security risk, and 74 percent reported that new security skills are required to meet the BYOD challenge. 68 percent reported social media is a security concern, with content filtering being the chief security measure used.
How do these results line up with what you’re experiencing in your security department? Do you have the staff that you need? Or are you feeling the pinch of being understaffed? If so, how is it impacting your organization?
As my colleague Bill Brenner notes in his Salted Hash blog post today, (ISC)2 will also be defending it's position on the need for professionals to continue to obtain the certification it issues - the CISSP - in an RSA panel discussion titled "Information Security Certifications: Do They Still Provide Industry Value?"
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
- Enterprise File Sharing: All You Need to Know
- Forrester Research and EMC on Continuous Availability
- Big Ideas; Big Tech-Continuous Availability for VMware
- Reduce Costs, Maximize Performance and Ensure High Availability of your Business Critical Applications
- Security Analytics Video
- B2B Integration on Cloud: Real World Solutions and Technology Advances