For the third year the Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA) International have produced a report on the state of cybersecurity professionals.
The report underscores that nearly three-quarters of organizations are dealing with the fallout of the industry’s skills gap. In the past two years, nearly half of the organizations surveyed suffered at least one damaging security incident in which a critical system was compromised. More than 65% of security pros say their current job demands typically impede their ability to develop and advance their skills, and 47% say they can’t fully learn and use some security technologies to their “full potential.”
Dark Reading reports:
“Cybersecurity professionals don’t have the luxury of time to improve their skills and manage their careers,” says Jon Oltsik, senior principal analyst and fellow at ESG and author of the report. That’s a dangerous trend given the increasing demands of more IT devices, applications, and cloud migration without advancing security with these IT moves, he notes.
Overall, cybersecurity pros are fatalistic about their ability to protect their organizations from attackers: A full 91% say most organizations are vulnerable to a major cyberattack, and 94% say cybercriminals and nation-state hackers have the edge over defenders.
“Cybersecurity professionals feel their organizations are at a significant disadvantage if they don’t have the ability to acquire new skills,” says Candy Alexander, president of ISAA International and an executive cybersecurity consultant.
For more see: Darkreading
OODA helps firms mitigate risks like these through our cybersecurity offerings include our ability to deliver CISO-as-a-Service. Contact us for more.