75% of Orgs Lack Cybersecurity Expertise
Three-quarters of organizations lack skilled cybersecurity experts—resulting in more breaches.
A study from Tripwire found that 66% of respondents faced increased security risks due to this workforce shortage; and 69% have attempted to use technology solutions to fill the gap.
Finding cyber-talent is easier said than done: A full 72% said they had challenges hiring skilled cybersecurity experts; half said their organizations do not have an effective program to recruit, train and retain skilled cybersecurity experts.
It’s only going to get worse: A study by Frost & Sullivan, conducted on behalf of (ISC)2, estimates that by 2020 there will be a shortfall of 1.5 million trained cybersecurity professionals.
“Cybersecurity is a growth industry for employees, and supply is falling far short of demand,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “Smart organizations need to establish effective programs for educating and developing employee skills around information protection. Having the right tools is only part of the solution. A lack of cybersecurity skills not only degrades an organization’s ability to respond to incidents, it also inhibits organizations from developing and deploying effective prevention.”
According to Tripwire’s study, only 25% of the respondents were confident their organizations have the number of skilled cybersecurity experts needed to effectively detect and respond to a serious cybersecurity breach.
Erlin continued: “While tools can’t replace people, effective automation can give skilled employees more time to spend on the tough problems. Organizations should examine where their cybersecurity teams are investing manual effort into tasks that could be automated. Reducing and removing tedious, manual work can help improve employee retention as well.”
Photo © Mclek
Source: Information Security Magazine