
Is Cyber Security Your Next Career: (ISC) Global Information Security Workplace Study


www.ermgovernance.com


The recent (ISC) Global Information Security Workplace Study illustrates the issue of Filling the Cybersecurity Gap in stark detail. The report projects that the global information security workforce shortfall will reach 1.5 million workers in five years. 

The nearly 14,000 qualified information security professionals who took part in the study are already struggling with this: Only half believe their organization is capable of sufficiently discovering and recovering from a breach. 

As a result, only one-fifth indicate that they can complete remediation after a system or data compromise within a day (down from 33% in 2011). Other findings reveal additional, troubling developments: With an insufficient pool of available, suitable job candidates, 62% of respondents say that their organization has too few information security professionals, up from 56% in 2013.

Two-thirds are concerned about security technology “sprawl”—a significant increase in the number of tech products, vendors and management consoles, leaving 64% of respondents saying they face challenges in training in-house security personnel to “cover all of our technologies.”

Cybersecurity as a vocation continues to “go gray,” with fewer young people taking this career path. Just 6% of respondents were under age 30, and the average age was 42. More than three out of five are 40 or older.

Education and training remain key, as many organizations are now recognizing. To retain current staffers, 61% of survey respondents said they need to offer training programs, and 59% said their company is willing to cover staffers’ professional security certification expenses.

In terms of the most in-demand skills required to respond to the threat landscape over the next three years—and thus critical areas of training focus—respondents ranked risk assessment and management at the top (55%); followed by incident investigation and response (52%); governance, risk management and compliance (48%); analytical skills (42%); and architecture (38%).

Get your cyber security / risk management training or certification through www.ermgovernance.com



