Andrea Danti - Fotolia

Manage Learn to apply best practices and optimize your operations.

Not enough information security analysts, despite higher wages

Survey data on global skills shortages does not show significant changes, even as companies turn to strategies such as security automation to make security teams more efficient.

This article can also be found in the Premium Editorial Download: Information Security magazine: Security data scientists on how to make your data useful

Results from the ISACA global State of Cybersecurity survey, conducted in October 2017, indicated few signs of the effects of security automation on the security workforce, a strategy that some companies are employing to lessen the burden on information security analysts.

Almost 60% of the enterprises surveyed had open security positions. In this year's survey, the workforce shortage was primarily attributed to lack of skills, rather than budgetary constraints: 64% of the 2,366 security professionals surveyed expected their security budgets to increase in 2018. The majority, or 97%, were members of ISACA, an international nonprofit for IT governance professionals, formerly known as the Information Systems Audit and Control Association.

The ISACA "State of Cybersecurity 2018" report found that staffing demands were greatest at the individual level -- technicians such as security engineers and information security analysts -- rather than at the security management or executive level. The report noted that investment in security automation to make execution of technical tasks more efficient for security teams could add value to enterprises. On average, it took three months to fill security jobs, according to 25% of those surveyed, while 26% reported timeframes of at least 6 months or longer to hire for open security positions.

Those numbers mirrored the findings of Cyberseek, which indicated an average of 96 days to fill security positions that require in-demand cloud skills. Cyberseek is an an interactive mapping tool designed to highlight the supply and demand of cybersecurity professionals in the United States; partners in the Cyberseek project include Burning Glass Technologies, CompTIA and the National Initiative for Cybersecurity Education, a National Institute of Standards and Technology program focused on training and security workforce development. Cyberseek reported 109,000 open information security analyst jobs between April 2017 and March 2018, as well as 200,000 additional unfilled cybersecurity-related positions. Data showed 105,000 employed information security analysts during the same period.

Job data on information security analysts

Shortages in the United States exist, even as information security analysts continued to have a higher median annual wage than other computer occupations, according to the U.S. Bureau of Labor Statistics. States with the highest employment levels of security analysts include Virginia, California, Texas, New York and Florida.

This was last published in August 2018

Dig Deeper on Information security certifications, training and jobs

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How is security automation affecting your workforce?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close