An encouraging 35% of organizations surveyed by ESG Research said they were planning to hire information security personnel in 2011.
A full 58% of mid-market firms (500–1000 employees) and enterprises (more than 1000 employees) plan to increase spending on information security this year. This compares with 55% in 2010 and only 36% in 2009.
Also, 27% of organizations said that information security initiatives are a top IT priority for the next year to 18 months.
While this seems like good news, Jon Oltsik, senior principal analyst at ESG, is worried that this healthy demand will lead to shortages of skilled information security professionals. “Ironically (given the fact that unemployment still hovers around 10%), we will likely face a shortage of skilled cyber security professionals in 2011”, he wrote in a blog post.
Oltsik said that leading information security programs at US universities are reporting full placement of graduates in the workforce. In addition, there are many unfilled information security jobs in the federal government. Companies in small markets and rural areas are finding it difficult to recruit qualified professionals.
“We will need a focus on training, federal funding, and security services in 2011 or face a growing cybersecurity skills deficit. If this happens, everyone will suffer”, he warned.