Organizations are rapidly adopting new technologies, but many information security professionals may lack the requisite security skills to safely implement them, according to a report released last week at the RSA Conference.
According to Frost & Sullivan’s 2011 (ISC)2 Global Information Security Workforce Study, many IT security professionals are not “ready” for social media-related threats. Respondents reported inconsistent policies and protection surrounding employees’ use of such sites; 30 percent of respondents said they lacked any controls at all.
In addition, although 70 percent of respondents said they had policies or technical controls in place to secure mobile devices, these devices were ranked as the second greatest threat to organizations, after application vulnerabilities.
The largest skills gap may be illustrated by cloud computing. More than 50 percent of respondents reported having private clouds in place, and more than 40 percent reported using software-as-a-service. But more than 70 percent of approximately 10,000 global professionals polled said they needed more skills to adequately secure such technology.
“From a technology perspective we are very challenged,” said Rob Ayoub, a Frost & Sullivan global program director. “There are lots of things happening in organizations making our lives difficult.”
Separately, the report found that the information security profession appears poised for growth. Currently, there are 2.3 million professionals working in information security, according to the report. But that should grow to 4.2 million by 2015.
From Security Management: http://www.securitymanagement.com/news/study-highlights-it-security-skills-gap-008233