Cyber Security Talent Still A Major Pain

Survey respondents say ongoing talent crisis is challenging for security teams

Cyber Security Talent Still A Major Pain Point

There are many theories around the talent gap in cyber security – some say there is a talent shortage, some say there is a skills gap, and others believe recruiters and/or those hiring don’t know what they’re looking for — among a plethora of other opinions. Regardless, it was a critical topic of discussion in our latest market report, “Cyber Security Mid-Year Snapshot 2019.”

See Related: “Driving A Cyber Security Culture Into The Business

In fact, when looking at the survey results, this ongoing talent crisis caused a significant spike in numbers. In November 2018, 69.84% of respondents said that the talent crisis was an ongoing pain point for their security teams. Six months later that numbers jumps to 91.3% (pictured below):

Similarly, ESG and the Information Systems Security Association (ISSA) recently published their third annual research report: The Life and Times of Cyber Security Professionals. In this year’s report, ESG and ISSA asked respondents to identify the most stressful aspects of a cyber security job or career. The results revealed the 5 most stressful aspects of cyber security:

  1. Keeping up with the security needs of new IT initiatives.
  2. Finding out about IT initiatives/projects that were started by other teams within the organization with no security oversight.
  3. Trying to get end-users to understand cyber security risks and change their behavior accordingly.
  4. Trying to get the business to better understand cyber risks.
  5. Trying to keep up with the growing workload.

“There’s that pesky cyber security skills shortage again,” wrote Jon Oltsik, Senior Principal Analyst, ESG Fellow in his latest blog about the report. “Certainly, there are things that can be done here (technology integration, process automation, and managed services come to mind), but this is a societal issue that the public and private sector must deal with collectively.”

“The on-going acute shortage of cyber security skills is about more than the large number of open cyber security positions, it’s also a function of the specific skills required to secure an increasingly complicated environment inclusive of mobile knowledge workers and the extensive use of public cloud services,” says Cahill, who adds that in addition to higher education programs, advances in automation and machine learning to improve efficiency, and cyber security services, are front and center in addressing this perennial cyber security challenge.

Albertsons-Safeway CISO John Kirkwood notes that he uses interns because it’s important to train people, and “personally, I make sure we continue the industry. We all need to replicate ourselves.”

See Full Report: “Cyber Security Mid-Year Snapshot 2019