Cyber Security Skills Shortages Exacerbating Cyber Vulnerabilities
Cyber security experts have been deterred from entering the profession which is causing a widening cyber skills shortage.
According to the Tripwire 2019 Skills Gap Survey that polled over 300 cyber security experts and IT leaders in February 96% of respondents believe there is already a cyber security shortage or one on the horizon.
93% of respondents believe technology has changed so much in recent years that it is difficult to find an adequately qualified candidate that is adept in dealing with new threats and new technology.
Overwhelmingly, IT security departments already feel as though they are lacking the staff to successfully defend their organisations against persistent cyber threats. In fact, 85% feel as though their departments need additional cyber staff to cope with the IT demands of modern life.
A mere 1% feel that their current organisation is equipped to defend themselves against the increasing complexity of persistent cyber crime.
Almost two thirds (60%) of respondents were anxious that under staffing will leave their organisation vulnerable and slow to react and respond to cyber issues quickly enough. There was also a growing concern that being overworked in current issues will mean they overlook emerging threats.
68% were anxious that a lack of qualified staff and additional skills shortages could result in updates and patching being overlooked which could leave vulnerabilities.
71% of respondents would appreciate additional help with security assessments, 53% struggle with pen testing and 51% need some help with vulnerability management.
David Meltzer, Tripwire CTO, said: “The skills gap issue continues to worsen, which is troubling, since cybersecurity threats only continue to grow.
“Additionally, security teams are in search of new skill sets to deal with evolving attacks and more complex attack surfaces as they include a mix of physical, virtual, cloud, DevOps and operational technology environments. It’s becoming more difficult to maintain critical security controls, and there are fewer people available to do it.”
How can the UK create a sustainable pool of qualified cyber security experts?