Is Cyber Security Your Next Career: (ISC) Global Information Security Workplace Study

The recent (ISC) Global Information Security Workplace Study illustrates the issue of Filling the Cybersecurity Gap in stark detail. The report projects that the global information security workforce shortfall will reach 1.5 million workers in five years.

The nearly 14,000 qualified information security professionals who took part in the study are already struggling with this: Only half believe their organization is capable of sufficiently discovering and recovering from a breach.

As a result, only one-fifth indicate that they can complete remediation after a system or data compromise within a day (down from 33% in 2011). Other findings reveal additional, troubling developments: With an insufficient pool of avail-able, suitable job candidates, 62% of respondents say that their organization has too few information security professionals, up from 56% in 2013.

Two-thirds are concerned about security technology “sprawl”—a significant increase in the number of tech products, vendors and management consoles, leaving 64% of respondents saying they face challenges in training in-house security personnel to “cover all of our technolog ies.”

Cybersecurity as a vocation continues to “go gray,” with fewer young people taking this career path. Just 6% of respondents were under age 30, and the average age was 42. More than three out of five are 40 or older.Education and training remain key, as many organizations are now recognizing. To retain current staffers, 61% of survey respondents said they need to offer training programs, and 59% said their company is willing to cover staffers’ professional security certification expenses.

In terms of the most in-demand skills required to respond to the threat landscape over the next three years—and thus critical areas of training focus—respondents ranked risk assessment and management at the top (55%); followed by incident investigation and response (52%); governance, risk management and compliance (48%); analytical skills (42%); and architecture (38%).

Get your cyber security / risk management training or certification through www.ermgovernance.com

Comments

ARM Online Certification

You can register for an online ARM certification classes by registering at https://ermgovernance.com/ARM/ We offer all three ARM courses. ARM 54, ARM 55 and ARM 56. Contact us for more details. About the ARM Designation The ARM program teaches the in-depth knowledge needed to assess and respond to the numerous hazard risks your organization faces. ARM helps you: Build a strong foundation in the science of risk management Gain practical skills to avoid, reduce, and manage risk Learn to adapt those skills to meet changing needs The following courses are required to earn the Associate in Risk Management (ARM) designation: ARM 54—Risk Management Principles and Practices Risk Management Standards and Guidelines; Hazard, Operational, Financial, and Strategic Risk; Risk Identification, Analysis, and Treatment; Financial Statement Risk Analysis; Capital Investment ARM 55—Risk Assessment and Treatment Risk Assessment and Treatment; Root Cause Analysis; Busine...

SRM: Strategic Risk Management

What is SRM / Strategic Risk Management? Strategic risk management (SRM) is best described as the process of identifying, assessing, and managing any risk that affects organization's strategy, strategic objectives, and strategy execution. Does your organization have a such process? If you answered yes!, great. Your organization is ahead of many by having a strategic risk management. That’s great! Because that means you have overcome the challenges I talk about in my 5-part video series on Linking ERM to Strategy. The best and simplest way to describe the strategic risk management process is to say that it requires managing key input variables (internal and external environments) and key output factors (mission, objectives, strategy, and policies). These factors influence how strategy formulation, implementation, and evaluation and control are related, and how a change in any one factor (e.g., corporate objectives) affects other factors (e.g., strategies, policies, pro...

How to benefit from a Fishbone or Ishikawa Diagram for Root Cause Analysis

What is root cause analysis? Root cause analysis is a structured process that helps healthcare, manufacturing and service sector managers and leaders in identifying contributing factors or causes of an accident, error, problem, event or occurrence. An accident, error, problem, event or occurrence are usually a result of a system rather than an individual mistakes. Understanding the system itself and contributing factors or causes of a system failure can help in preventing recurrences. Actions that are taken to address system failure helps in sustaining the improvements or corrective actions. What is a fishbone or ishikawa diagram? Each and every outcome or effect is an end result of actions taken/omitted or in general causes/ A cause and effect diagram representing this relationship between cause and effect is called a called a fishbone or ishikawa diagram. A fishbone diagram is a visual way to represent cause and effect. It is a more structu...

Enterprise Risk Management Governance Inc.

Search This Blog