News, insights and resources for data protection, privacy and cyber security leaders

Will Technical Cyber Security Skills Shortage Expose Your Organization?

A recent survey by Tripwire has highlighted a growing concern amongst organizations about a shortage of staff with the relevant training and cyber security skills.

Tripwire, a leading provider of security and operations solutions, revealed that 91% of respondents to their survey believed the shortage so severe that they would need to outsource some security operations. This was due to their inability to fill jobs internally with the necessary cyber security skills.

Widespread adoption of Cloud computing, the Internet of Things (IoT) and DevOps are changing the nature and spectrum of security threats. These technologies, plus an evolution towards more sophisticated attacks (for example the rise of supply chain hacking) has resulted in a shortage of professionals and cyber security skills in specific areas.

This shortage of cyber security skills has led most organizations to believe that they will be unable to protect against security flaws and will therefore be vulnerable to attack.

 

The Tripwire survey: Key figures

Of the survey respondents, 79% said they had an increased demand for network monitoring and vulnerability management personnel, and some 88% needed more expertise with the Cloud in particular.

Set against this identified need to fill the jobs gap, 50% of respondents were concerned about losing skills, and 24% were concerned over their ability to address security issues and respond to cyber threats. They recognized that the cyber security skills gap would leave their organizations exposed.

 

Most organizations believe they are vulnerable

A separate piece of research by Thales earlier this year, highlights that one in four (26%) of respondents have experienced a data breach in 2016 and 30% believe their organization is “very vulnerable” or “extremely vulnerable” to cyber attacks. This is very much in line with the Tripwire report which showed that 52% were concerned about keeping up with vulnerabilities.

Tim Erlin, Vice President of Product Management and Strategy at Tripwire, agrees with the respondents’ concerns, “Considering the recent high-profile threats that have been attributed to unpatched systems, it’s no wonder respondents are concerned that a technical skills gap could leave their organizations exposed to new vulnerabilities.”

The recent Equifax and SEC breaches clearly demonstrates the need to keep vulnerabilities in check. Ferruh Mavituna CEO of Netsparker, says: “The Equifax hack is a perfect example that highlights how businesses can get bitten if web application security is not taken seriously. Researchers identified a cross-site scripting vulnerability on their website back in 2016, yet Equifax never responded to their reports and never fixed it.”

The increased demand for cyber security professionals with specific skills will only get worse as companies are faced with the need to secure their environment even as they continue to adopt new and innovative technologies.

Sarah Meyer

Staff Writer at CPO Magazine
Sarah Meyer is a technology writer for more than 10 years. She writes on public policy issues with a focus on cybersecurity and personal data protection. Sarah has previously worked for large multinational cybersecurity companies in the areas of government relations and public policy engagement.

Leave A Reply

Your email address will not be published.

Subscribe and Get 50% Off 6-Hour Workshop Video

PIAs and the ISACA Privacy Principles: Effective Tools to Identify and Mitigate Security and Privacy Risks

Thanks for subscribing!

Pin It on Pinterest

Share This