Today in Security - The Cybersecurity Talent Gap

Today in Security: The Cybersecurity Talent Gap

​The cybersecurity talent gap continues to hamper organizations. At this point, the gap could be considered a yawning chasm, according to new research.

In a worldwide survey of 1,400 IT and IT security practitioners, 73 percent said they believe their organization's IT security departments are usually understaffed because of difficulty attracting and retaining qualified candidates.

"Organizations globally are facing a shortage of IT security staff," write the authors of the study, Staffing the IT Security Function in the Age of Automation. The report was issued by the Ponemon Institute, with sponsorship from DomainTools. Most of the survey respondents are IT directors, managers, and IT systems analysts.

"IT security teams can be overwhelmed with security incidents they must respond to," the authors write.

Conversely, only 29 percent of survey respondents in the report said they have no difficulty attracting qualified candidates, and only 30 percent of respondents said they have no difficulty retaining qualified candidates.

However, the survey also found that automation and artificial intelligence (AI) technologies could be a force multiplier when it comes to the future of IT security.

"The key takeaway from the following findings is that the use of automation will not reduce the headcount in the IT security function," the authors write. "Instead, according to respondents, automation will mean increased job security for IT security practitioners, especially those who have the expertise to manage these technologies."

However, for 56 percent of respondents, a barrier to adopting automation is the lack of in-house expertise, the report finds.

For more on this issue, see the article "AI: The Force Multiplier" in Security Management's September 2017 issue. In that article, author Megan Gates explored how some cybersecurity experts are looking toward AI to help create the cybersecurity workforce of the future.

The Ponemon report can be found here: