Over 80% of Firms Suffer Security Skills Shortages

Written by

The majority of security professionals believe it’s getting harder to recruit talent into the industry, according to a new study from Tripwire.

The firm commissioned Dimensional Research to poll over 300 industry professionals back in February, in order to compile its Tripwire 2019 Skills Gap Survey.

Some 85% claimed their IT security department is already understaffed, and just 1% said they can manage all of their organization’s cybersecurity needs with a shortfall in skills.

Almost all of those polled (96%) said they’re either currently facing problems recruiting or can see it coming. Of those, 68% are worried about falling behind on patching, 60% about being able to identify and respond to issues quickly and stay ahead of emerging threats, and 53% about losing their ability to manage and secure configurations properly.

Part of the challenge is the rapid rate of technological change and advances in the threat landscape: 93% of respondents claimed that the skills required to be a great security professional have changed over the past few years.

Perhaps unsurprisingly given the above, most respondents (93%) said they’d benefit from outside help, especially in areas such as security assessments (71%), pen testing (53%) and vulnerability management (51%).

"The skills gap issue continues to worsen, which is troubling, since cybersecurity threats only continue to grow,” argued Tripwire CTO, David Meltzer.

“Additionally, security teams are in search of new skill sets to deal with evolving attacks and more complex attack surfaces as they include a mix of physical, virtual, cloud, DevOps and operational technology environments. It's becoming more difficult to maintain critical security controls, and there are fewer people available to do it."

According to (ISC)2, there is a global shortfall of security professionals approaching three million today. Part of the problem is under-representation of women, who account for just a quarter (24%) of roles currently.

An Infosecurity Europe poll last Friday to coincide with International Women’s Day revealed that industry pros believe men still have more opportunities to progress in cyber-careers.

What’s hot on Infosecurity Magazine?