The difficulty in keeping security skills up to date is blamed for a significant gap between what IT managers need and the skills their IT staff have.
As technology continuously shifts and innovates, IT professionals face a steady pressure to keep their skills up to date. Given the even more rapid pace at which IT security evolves, those employees who need to incorporate security measures into aspects of their work face extra scrutiny.
A new study finds that what is being done, however, is insufficient. In a worldwide survey of IT managers, CompTIA (Computing Technology Industry Association), an industry trade association, found a 16 percent gap between the number of IT managers who identified security, firewalls and data privacy as their organization's top priority and those that felt their IT employees were proficient in these skills.
At 19 percent, the gap was widest in five emerging IT markets-China, India, Poland, Russian and South Africa-where, just as in the United States, only 57 percent of IT managers said their current tech staff were IT security proficient.
"The gap between companies that identified security skills as being important and those that were lacking these skills in their own departments was significant. We think that there is an increase in need for IT security skills simply because of all of the media attention IT security has gotten in recent years," CompTIA spokesperson Steven Ostrowski told eWEEK.
Even though IT leaders knew that the best ways to improve the security skills among their IT staff members were to send employees for external training and certifications, the suggestion was generally met with cautious responses.
"From the employer perspective, there is a concern that if they train an employee that they'll just leave for another job. But we did a survey a couple years ago which showed that just the opposite was true. Employees were more willing to stay with an employer who was willing to invest in their advancement. Sometimes it is still a tough sell to convince bosses that training their staff is a good thing," said Ostrowski.
The message that IT managers need professionals with constantly updated security skills has gotten out to recruiters, who themselves are struggling to find the right mix in candidates.
"Right now there's a big shift in the area of IT going on with an increased focus on data security and risk management, particularly in financial services. There's a significant challenge in finding people who are as on top of this as our clients need them to be," Tom Fuller, CEO of Epson Fuller IMD, an executive search group.