Latest News

Latest Technologies Straining Cyber Security Staffs, Study Warns

LONDON February 17, 2011

Sullivan Study

A study based on a survey of more than 10,000 (2400 in EMEA) information security professionals worldwide finds that a growing number of technologies being widely adopted by businesses are challenging information security executives and their staffs, potentially endangering the security of governments, agencies, corporations and consumers worldwide over the next several years.

Conducted by Frost & Sullivan, the 2011 (ISC)2 Global Information Security Workforce Study (GISWS) says new threats stemming from mobile devices, the cloud, social networking and insecure applications, as well as added responsibilities such as addressing the security concerns of customers, have led to "information security professionals being stretched thin, and like a series of small leaks in a dam, the current overworked workforce may be showing signs of strain."

Conducted on behalf of (ISC)2, the not-for-profit global leader in educating and certifying information security professionals throughout their careers, the study also shows a severe gap in skills needed industry-wide. Information security professionals admitted they needed better training in a variety of technology areas yet reported in significant numbers that many of these technologies are already being deployed.

Robert Ayoub

"We can reduce the risks, however, if we invest now in attracting high-quality entrants to the field and make concurrent investments in professional development for emerging skills. As the study finds, these solutions are underway, but the question remains whether enough new professionals and training will come soon enough to keep global critical infrastructures in the private and public sectors protected."

"The good news from this study is that information security professionals finally have management support and are being relied upon and compensated for the security of the most mission-critical data and systems within an organisation," added Ayoub. "The bad news is that they are being asked to do too much, with little time left to enhance their skills to meet the latest security threats and business demands."

    Full Report:;     Video Commentary:      Other key findings from the study include:      - As of 2010, Frost & Sullivan estimates that there are 2.28 million       information security professionals worldwide (over 617,000 in EMEA).       Demand for professionals is expected to increase to nearly 4.2 million       by 2015 (1.15 million in EMEA) with a compound annual growth rate       (CAGR) of 13.2 percent (same in EMEA), creating career opportunities       for those with the right skills.      - Secure software development is a significant new area of focus for       information security professionals worldwide. Application       vulnerabilities ranked as the No. 1 threat to organisations by 72       percent of respondents worldwide and in EMEA (69 percent, while 20       percent (19 percent in EMEA) said they are involved in secure software       development.      - Nearly 70 percent (67 percent EMEA) of respondents reported having       policies and technology in place to meet the security challenges of       mobile devices, yet mobile devices were still ranked second on the list       of highest concerns by respondents (worldwide and in EMEA). The study       concludes that mobile security could be the single most dangerous       threat to organizations for the foreseeable future.      - Cloud computing illustrates a serious gap between technology       implementation and the skills necessary to provide security. More than       50 percent (55 percent EMEA) of respondents reported having private       clouds in place, while more than 70 percent (75 percent EMEA) reported       the need for new skills to properly secure cloud-based technologies.      - Professionals aren't ready for social media threats. Respondents       reported inconsistent policies and protection for end-users visiting       social media sites, and just less than 30 percent (31 percent EMEA) had       no social media security policies whatsoever.      - Viruses and worms, hackers and internal employees all fell in       significance as top threats from 2008, the most recent year of the       study.      - The main drivers for the continued growth of the profession are       regulatory compliance demands, greater potential for data loss via       mobile devices and mobile workforce, and the potential loss of control       as organisations shift data to cloud-based services.      - About two-thirds of respondents worldwide and in EMEA don't expect to       see any increase in budget for information security personnel and       training in 2011.      - Salaries showed healthy growth despite a global recession, with three       out of five respondents reported receiving a salary increase in 2010.  

John Colley

Europe Middle East Africa Asia Pacific

The average experience of respondents worldwide was more than nine years, while five percent (seven percent in EMEA) of respondents held executive titles such as Chief Information Security Officer. Additionally, Frost & Sullivan supplemented the analysis with its other primary data sources and methods.

The objective of the GISWS, the fifth study sponsored by (ISC)2 since 2004, is to provide meaningful research about the information security profession to industry stakeholders, including professionals, corporations, government agencies, academia, and hiring managers.

About (ISC)2

(c) 2011, (ISC)2 Inc (ISC)2, CISSP, CSSLP, ISSAP, ISSMP, ISSEP, CAP, SSCP and CBK are registered marks of (ISC)2, Inc.

Tags: CISSP, (ISC)2, computer security, cyber security, information security, security professional, cloud computing, mobile devices, social media, secure software, security research, Frost & Sullivan, Global Information Security Workforce Study

     Twitter ( )     YouTube ( )     (ISC)2 blog (   


Leave a comment

seks shop - izolasyon
basic theory test book basic theory test