19:39 uur 13-02-2017

Onderzoek ISACA: kloof in cyberbeveiliging stelt 1 op 4 organisaties zes maanden of langer bloot aan gevaar

SAN FRANCISCO–(BUSINESS WIRE)– Geavanceerde cyberbeveiliging is steeds meer in trek omdat cyberaanvallen tegenwoordig als onvermijdelijk worden gezien. Toch blijkt uit een enquête dat de meeste organisaties vrezen niet voldoende te zijn toegerust om zich te verweren.

In een nieuw onderzoek naar cyberveiligheid, ISACA’s Cybersecurity Nexus (CSX), zegt slechts 59 procent van alle ondervraagde organisaties dat ze vijf of meer reacties krijgen per vacature voor een cyberbeveiliger. Slechts 13 procent krijgt 20 of meer aanmeldingen. Dat staat in contrast met de meeste andere vacatures in het bedrijfsleven, waarop 60 tot 250 reacties komen. In ISACA’s onderzoek State of Cyber Security 2017 gaf 37 procent van de respondenten bovendien aan dat minder dan 1 op de 4 kandidaten de kwalificaties had om bedrijven te beveiligen, wat het probleem verder vergroot.

 

 

ISACA Survey: Cyber Security Skills Gap Leaves 1 in 4 Organizations Exposed for Six Months or Longer

SAN FRANCISCO–(BUSINESS WIRE)– Sophisticated cyber security defenses are increasingly in high demand as a cyber security attack is now viewed as an inevitability. However, a majority of surveyed organizational leaders fear they are ill-equipped to address these threats head-on.

This Smart News Release features multimedia. View the full release here: http://www.businesswire.com/news/home/20170213005553/en/

ISACA's State of Cyber Security Study 2017 shows that the cyber security skills gap persists, with m ... ISACA’s State of Cyber Security Study 2017 shows that the cyber security skills gap persists, with many companies saying it can take six months or more to fill positions–and a significant percentage saying they can’t fill them at all. (Photo: Business Wire)

According to a new cyber security workforce study by ISACA’s Cybersecurity Nexus (CSX), only 59 percent of surveyed organizations say they receive at least five applications for each cyber security opening, and only 13 percent receive 20 or more. In contrast, studies show most corporate job openings result in 60 to 250 applicants. Compounding the problem, ISACA’s State of Cyber Security 2017 found that 37 percent of respondents say fewer than 1 in 4 candidates have the qualifications employers need to keep companies secure.

“Though the field of cyber security is still relatively young, demand continues to skyrocket and will only continue to grow in the coming years,” said Christos Dimitriadis, ISACA board chair and group director of Information Security for INTRALOT. “As enterprises invest more resources to protect data, the challenge they face is finding top-flight security practitioners who have the skills needed to do the job. When positions go unfilled, organizations have a higher exposure to potential cyberattacks. It’s a race against the clock.”

More than 1 in 4 companies report that the time to fill priority cyber security and information security positions can be six months or longer. In Europe, almost one-third of cyber security job openings remain unfilled.

Cyber Security Qualifications: A Moving Target

Most job applicants do not have the hands-on experience or the certifications needed to combat today’s corporate hackers, according to the report by the global technology association.

“The survey underscores a fundamental disconnect between employer expectations and what candidates can actually bring to the table,” said Matt Loeb, ISACA CEO. “Employers are looking for candidates to make up for lost time but that doesn’t necessarily mean a significant academic investment. Many organizations place more weight in real-world experience and performance-based certifications and training that require far less time than a full degree program.”

ISACA’s report highlighted where hiring managers’ expectations are shifting most as they consider candidates for open cyber security positions:

  • 55% of respondents report that practical, hands-on experience is the most important cyber security qualification
  • 25% say today’s cyber security candidates are lacking in technical skills
  • 45% don’t believe most applicants understand the business of cyber security
  • 69% indicate that their organizations typically require a security certification for open positions

Closing the Gap

ISACA offers five recommendations to help find and retain qualified cyber security talent:

1. Invest in performance-based mechanisms for hiring and retention.

2. Create a culture of talent maximization to retain the staff you have. Even when budgets are tight, there are things that can be done that don’t impact the bottom line: alternative work arrangements, investment in personnel growth and technical competency, and job rotation to help round out skills.

3. Groom employees with tangential skills—such as application specialists and network specialists—to move into cyber security positions. They are likely to be highly incented to do so and it can help fill the gap in the long term.

4. Engage with and cultivate students and career changers (e.g., an outreach program to a university or an internship program).

5. Automate basic security operational tasks to decrease the overall burden on staff.

Download a free copy of the workforce report at www.isaca.org/state-of-cyber-security-2017.

Twitter: https://twitter.com/ISACANews

Contacts

ISACA
Jay Schwab, +1-847-660-5693
Kristen Kessinger, +1-847-660-5512
communications@isaca.org

Check out our twitter: @NewsNovumpr