Study Highlights Cybersecurity Skills Gap

Cybersecurity male and female computer engineer sitting in front of three monitors and a keyboard with female engineer pointing on something at the screen

With the rapid implementation of new technologies within organizations, a lack of adequate IT security skills has highlighted the need for additional IT security training and certification, a new report says.

According to Frost and Sullivan’s 2011 (ISC)2 Global Information Security Workforce Study, a lack of skills has made many cybersecurity professionals unqualified to adequately secure organizations from threats by social-media, cloud computing, mobile devices and software applications. The IT security community admits further training is needed in these relatively new segments, which are already being deployed without security in mind, the report notes.

The largest skill gap is in cloud computing, with more than 50 percent of respondents reporting having private clouds and 40 percent using software-as-a-service. However, more than 70 percent admitted to needing more skills to adequately secure cloud technology.

The role of the cybersecurity professional is evolving along with the implementation of new technologies. Since software applications represent the top IT security threat to an organization, according to the report, security professionals are increasingly being asked to be a part of the software development cycle. During the software development cycle 81 percent of respondents indicated they were involved in design, 75 percent in requirements, 71 percent in testing and 70 percent coding implementation. Mobile devices represent the second highest threat.

Overall, the job outlook for cybersecurity pros looks good, with an estimated 2.28 million IT security professionals employed worldwide in 2010. That number is expected to nearly double to 4.2 million by 2015. The importance of security certifications for hiring IT security pros is high, with 90 percent of participants involved in hiring IT security staff saying it was very important or somewhat important. The top reasons to hire a certified IT security professional were competence (69 percent), quality of work (54 percent), regulatory requirements (48 percent), company image or reputation (45 percent), customer requirement (41 percent) and company policy (39 percent).

“Certifications will continue to be an important differentiator as the number of professionals necessary to effectively secure organizations continues to increase,” the report stated.

The report was based on a survey of 10,413 information security professionals.

Related News

Chandler Harris is a freelance business and technology writer located in Silicon Valley. He has written for numerous publications including Entrepreneur, InformationWeek, San Jose Magazine, Government Technology, Public CIO, AllBusiness.com, U.S. Banker, Digital Communities Magazine, Converge Magazine, Surfer's Journal, Adventure Sports Magazine, ClearanceJobs.com, and the San Jose Business Journal. Chandler is also engaged in helping companies further their content marketing needs through content strategy, optimization and creation, as well as blogging and social media platforms. When he's not writing, Chandler enjoys his beach haunt of Santa Cruz where he rides roller coasters with his son, surfs and bikes across mountain ranges.