Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
Editor's Blog and Industry Comments

IT Security staff shortages affecting global economy

26 February, 2013
Global Information Security Workforce Study reveals the potential economic impact of a critical shortage of information security professionals


The International Information Systems Security Certification Consortium, (ISC)2, has issued its joint study of the global inventory of information security professionals versus demand revealing a shortfall that it believes is enouogh to have a profound impact on the global economy.



Such a bold and alarming conclusion is justified by the certification authority as a result of the prolific generation of new threats in the areas of hactivism, cyber-terrorism and hacking, a proliferance that can't be adequately tackled by the existing skill set available to the world's organisations to combat such emerging threats.



With more than half of the organisations surveyed stating that their IT security positions were understaffed, there was a general conclusion of vulnerability with uncertainty on the timeframes required to recover from any potential attacks.



To make matters worse, the survey concludes that there is insufficient training in security for software developers resulting in the highest concerns being associated with the vulnerabilities of applications which have been developed without adequate security protecting having been designed into them.



Commenting on this, John Colley of (ISC)2 said that it was disturbing to see that application vulnerability is the top concern with only 12% of information security professionals being involved in it. John Colley recommends a holistic approach to the problem with a cooperative and concerted effort across academia, government and the information security profession to curtail the problem.



Victoria Baines of the EUROPOL European Cybercrime Centre said, "Information Security is increasingly embedded in businesses processes but preparedness for cyber-attacks requires persistent effort, constant vigilance and skills renewal. As we enter an age of BYOD, cloud computing and even greater technological convergence, the recognised Information Security trinity of People, Process and Technology will face new challenges".



Reacting to the survey, Ashish Patel of Stonesoft said, “If the back-door of application security is being left wide open, it doesn’t matter how much a company spends on its IT defences nor how many security professionals it employs.  If the application code itself is insecure from the off-set, the entire business, its products and more essentially, its customers and their data are all vulnerable to malicious threats.



“IT security leaders need to make sure their teams are actively involved in the software development process – whether it’s done in-house, outsourced to a partner or procured from a third-party“, Ashish concluded.


Bookmark and Share