Applicable cyber security talent is becoming increasingly difficult to find in today's ever-growing cyber security field and on average, 59% of enterprises get at least five applicants for each open cyber security position, but most of these applicants are unqualified.
These are some of the findings of the State of Cyber Security 2017 from ISACA giving insight on the cyber security workforce development and its current trends.
According to the report, which was compiled following a global survey of 633 professionals in the EMEA and North America regions whose primary job function is cyber security or information, filling open cyber security/information security positions is difficult for over a quarter of the survey respondent enterprises.
"Almost 27% of respondents state that they are unable to fill open cyber security positions in their enterprises - with another 14% of respondents unaware as to whether their enterprises could fill these positions or not. This leaves a quarter of cyber security positions unfilled," indicated the report.
Other findings from the survey indicate that 59% of respondents say at least five individuals apply to each open position and while the number of applicants for an open position appears quantitatively impressive, only one or two (25%) will be suitably qualified.
Furthermore, of the 633 enterprises interviewed practical hands-on experience is the most important, 70% state that while hiring, they require a security certification for open cyber security positions.
Independent learning specialist and director of the Institute of IT Professionals SA Moira de Roche echoes the same sentiments indicating that the skills shortage is a big reality in the sector. "The skills shortage is probably like the much-touted skills shortage in IT. The reality is that the shortages are in the middle of the career ladder (seven to10 years in), not at entry-level." She adds that security roles along with others such as data scientists, technology risk analysts as well as data and solution architects face a shortage.
The report is the first in the ISACA State of Cyber Security 2017 white paper series that will be released in 2017.
Share