Tripwire, a leading global provider of security and compliance solutions for enterprises and industrial organisations, has announced results of a survey conducted by Dimensional Research that examines how organisations are addressing the cybersecurity skills gap. The survey was administered to 336 IT security professionals in February.
A total of 80% of survey respondents believe it’s becoming more difficult to find skilled cybersecurity professionals. As emerging technology and threat landscapes experience rapid transformation, the skillsets required have changed as well. Nearly all respondents (93%) say the skills required to be a great security professional have changed over the past few years.
“The skills gap issue continues to worsen,” said David Meltzer, Chief Technology Officer at Tripwire. “Which is troubling, since cybersecurity threats only continue to grow. Additionally, security teams are in search of new skillsets to deal with evolving attacks and more complex attack surfaces as they include a mix of physical, virtual, cloud, DevOps and operational technology environments. It’s becoming more difficult to maintain critical security controls and there are fewer people available to do it.”
The survey found that while 85% report their security teams are already understaffed, only 1% believe they can manage all of their organisation’s cybersecurity needs when facing a shortage of skilled workers. Nearly all respondents (96%) say they are either currently facing difficulty in staffing security teams due to the skills gap or can see it coming.
Of those, 68% are concerned with losing the ability to stay on top of vulnerabilities, 60% worry about being able to identify and respond to issues in a timely manner and stay on top of emerging threats, and 53% fear they will lose their ability to manage and secure configurations properly.
In addition, respondents were also asked if they would benefit from outside security help and if so, in what areas, with the following results:
- A total of 93% say they would benefit from security help outside of their organisations
- A total of 71% say their teams would benefit from security assessment help, 53% say penetration testing and 51% say vulnerability management
- A total of 94% say they have invested in or are likely to invest in managed services for security
Lamar Bailey, Senior Director of Security Research at Tripwire, added: “Because security teams are stretched thin, it’s going to be more important than ever to build strong partnerships. Organisations can collaborate with trusted vendors to take pressure off their in-house resources.
“Approaches could include more automation of security tasks and support through managed service to ensure that no critical security controls are dropped. Maintaining a strong foundation of security is non-negotiable, so it’s imperative that organisations partner across the info security community to continue meeting security goals effectively.”
To view the full 2019 Tripwire Skills Gap Report, please visit: https://www.tripwire.com/misc/skills-gap-survey-2019