View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Cybersecurity talent shortage to hit 1.5m by 2020

Trade body (ISC)² finds lack of viable candidates despite increased investment.

By

The cybersecurity industry is set to suffer a staff shortage of 1.5 million people by 2020, according to industry forecasts by the trade body (ISC)².

In a broad survey of worldwide industries conducted by the consultancy Frost & Sullivan, two-thirds of respondents believed their employers had too few security workers, an increase from just over half in 2013.

Whilst the last survey attributed this shortfall to a lack of funding, those questioned this year reported a lack of skilled candidates for the vacancies, a trend which other parts of the computing sector will empathise with.

"While the ceaseless advancement in variety and sophistication of cyber-threats and a broadening footprint that requires security oversight are contributors to rising workforce demand and a workforce with a broader range of qualifications, other contributors are self-inflicted due to decisions organizations make on security priorities," the report said.

"For example, vulnerable software applications continue to be placed into production and end-users continue to be duped by phishing exploits. Even though application vulnerability scanning conducted throughout the software development cycle and periodically in production would mitigate this exposure, this practice is far from routine in the vast majority of organisations."

Given the lack of skilled candidates security spending is expected to rise, with half of those surveyed by (ISC)² expecting increased investment in security tools and technologies.

However two-thirds warned that such spending ran the risk of inducing "security technology sprawl", depleting the effectiveness of the IT department in combating cybercrime and espionage.

Content from our partners
The growing cybersecurity threats facing retailers
Cloud-based solutions will be key to rebuilding supply chains after global stress and disruption
How to integrate security into IT operations

Such a prediction tallies with industry warnings that security was fragmenting, which is thought likely to create the conditions for consolidation among vendors or the development of collaborative frameworks between rivals.

Another tactic to eliminate sprawl is an increased use of managed security services, predicted by nearly a third of those Frost & Sullivan spoke to, as well as the use of cloud services.

"In a bit of a dichotomy, cloud adoption relieves in-house security professionals of certain security operations that are entrusted to the cloud providers," the analysts said.

"But lingering concerns about security in cloud environments contribute to the need for in-house security professionals to invest in cloud security education and training, and be active in managing security and compliance in cloud environments."

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED
THANK YOU