The infosec skill gap might become way worse than anticipated. A report by Cybersecurity Ventures suggests that by 2021, cybercrime will cost organizations more than $6 trillion annually while there will be 3.5 million unfilled security jobs. But the buck doesn’t stop there. Another recent study, by Ponemon, suggests that “A lack of skilled personnel is the biggest barrier to successfully deploying security automation.”
The study by Ponemon, which surveyed 1,859 IT and IT security practitioners in Germany, France, the United Kingdom and the United States, pointed out that 57 percent of respondents were unable to recruit knowledgeable or skilled personnel to deploy their security automation tools. “This barrier is followed by the inability to apply controls that span the entire enterprise, according to 55 percent of respondents.”
The Ponemon study followed the importance of security automation where majority of participants felt that security automation improves organizations’ security posture. When asked the respondents to rate the importance of security automation on a scale of 1 to 10, nearly 70 percent stated that security automation is crucial to the security posture of the company while nearly 80 percent rated the importance as very high in the next two years. The survey pointed out that, “The top two benefits of security automation are the increased productivity of IT security personnel and the automated correlation of threat behavior to address the volume of threats (64 percent and 60 percent of respondent, respectively). 54 percent of respondents say these technologies simplify the process of detecting and responding to cyber threats and vulnerabilities.”
While skill gap in the space continues to be a perennial problem. According to Peninsula Press, “More than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74 percent over the past five years.” The report also estimated that the demand for cybersecurity professionals may grow by 53 percent through 2018. “The number of jobs in information security is going to grow tenfold in the next 10 years,” said Virginia Lehmkuhl-Dakhwe, director of the Jay Pinson STEM Education Center at San Jose State University told Peninsula Press. “We have to do much more if we want to meet that demand, at the university level as well as K-12.”
An earlier survey by EC-Council had noticed that skill gap in the cybersecurity industry spanned all levels, from CISOs to security analysts. “Most CISOs have several job openings yet to be filled and CISOs and the others involved in the recruiting process are looking for prospects with relevant certifications and experience. A major hurdle in the recruitment process is finding the right fit both with culture, personality, and experience that matches the job,” the study said.