Only 25 percent of Tripwire survey respondents were confident their organizations have the number of skilled cybersecurity experts needed to effectively detect and respond to a serious cybersecurity breach.
In addition, 66 percent of the respondents said their organization faced increased security risks due to the lack of skilled cybersecurity experts.
Despite the high demand for skilled cybersecurity professionals, businesses have encountered a shortage in the workforce. A 2015 study by Frost & Sullivan, conducted on behalf of (ISC)2, estimates that by 2020 there will be a shortfall of 1.5 million trained cybersecurity professionals.
“Cybersecurity is a growth industry for employees, and supply is falling far short of demand,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “Smart organizations need to establish effective programs for educating and developing employee skills around information protection. Having the right tools is only part of the solution. A lack of cyber security skills not only degrades an organization’s ability to respond to incidents, it also inhibits organizations from developing and deploying effective prevention.”
Additional findings from the survey included:
- Seventy-two percent of the respondents had challenges hiring skilled cybersecurity experts.
- Half of the respondents (50 percent) said their organizations do not have an effective program to recruit, train and retain skilled cybersecurity experts.
- Sixty-nine percent of the respondents have attempted to use technology solutions to fill a gap left by a lack of skilled cybersecurity experts.
Erlin added: “While tools can’t replace people, effective automation can give skilled employees more time to spend on the tough problems. Organizations should examine where their cybersecurity teams are investing manual effort into tasks that could be automated. Reducing and removing tedious, manual work can help improve employee retention as well.”