The ongoing shortage of skilled cybersecurity professionals is hardly a secret, but new research indicates that...
shortage is getting worse. Cybersecurity skills are in demand; but unfortunately, they are also apparently in short supply.
Research firm Enterprise Strategy Group Inc., based in Milford, Mass., conducted a survey of 591 IT and infosec professionals and found that information security is ranked first among existing IT skills seen to have a "problematic shortage." Even worse, this skills shortage has been the No. 1 item on that list for four years straight.
With the survey, ESG sought to gauge both demand and supply for various skills in the IT and infosec space. To measure demand, ESG asked what new IT staff positions were planned to be added in 2015. Infosec positions were the highest on the list with 43% of respondents planning new hires. Tied for second were IT architecture/planning and server virtualization/private cloud infrastructure positions at 34% each.
On the supply side, ESG asked what areas in each organization were seen to have a "problematic shortage of existing skills," and again, information security skills was the No. 1 answer at 28%, with IT architecture/planning skills second at 23%. Third, at 22%, was mobile management skills.
ESG predicted that organizations will have to rely on outside MSSPs to make up for the shortage of skills, which will add to security spending; meanwhile salaries at midmarket, public sector and rural organizations could jump drastically as the existing talent will be in higher demand.
Other organizations have forecast similarly dire shortages of infosec pros, indicative of the struggles enterprises face in finding staff to help monitor systems, manage incidents and prevent attacks.
Learn about a new ISACA effort to boost the number of entry-level security pros.