Security Skills Gap Continues to Stymie Enterprise Cyber-Defenses
Businesses will spend slightly more this year, but struggle with finding knowledgeable security professionals, according to a survey by Ernst & Young.Companies will spend marginally more money on technology and staff to defend their IT systems and data in 2015, but they continue to have problems hiring knowledgeable security professionals, according to a survey conducted by business-services firm Ernst & Young. About 52 percent of the more than 1,800 organizations surveyed expect security budgets to increase, compared to 43 percent whose budgets will remain unchanged. More than half of firms identified the lack of skilled professionals as a major reason for their inability to bolster system security, according to the survey. "Good resources are scarce and you have to find new ways to provide needed security services," Chip Tsantes, chief technology officer of the cyber-security practice at Ernst & Young, told eWEEK. “You have to be more creative to find the skills that you need.” The lack of information-security professionals has been a common theme over the past five years. More recently, government hiring and the increase in the number of devices added to networks requiring security support has led to a continue shortfall in skilled security people, which Cisco estimates at 1 million workers worldwide.
The lack of adequate staff undermines a variety of security efforts, according to the survey. About a third of companies do not have the capability to assess threats in real-time; only 13 percent of firms believe they are meeting their information-security needs; and between a third and 45 percent of organizations gave themselves poor grades in a variety of cyber-security areas.