Skip to main content

Is Cyber Security Your Next Career: (ISC) Global Information Security Workplace Study


www.ermgovernance.com


The recent (ISC) Global Information Security Workplace Study illustrates the issue of Filling the Cybersecurity Gap in stark detail. The report projects that the global information security workforce shortfall will reach 1.5 million workers in five years. 

The nearly 14,000 qualified information security professionals who took part in the study are already struggling with this: Only half believe their organization is capable of sufficiently discovering and recovering from a breach. 

As a result, only one-fifth indicate that they can complete remediation after a system or data compromise within a day (down from 33% in 2011). Other findings reveal additional, troubling developments: With an insufficient pool of avail-able, suitable job candidates, 62% of respondents say that their organization has too few information security professionals, up from 56% in 2013. 

Two-thirds are concerned about security technology “sprawl”—a significant increase in the number of tech products, vendors and management consoles, leaving 64% of respondents saying they face challenges in training in-house security personnel to “cover all of our technolog ies.”

Cybersecurity as a vocation continues to “go gray,” with fewer young people taking this career path. Just 6% of respondents were under age 30, and the average age was 42. More than three out of five are 40 or older.Education and training remain key, as many organizations are now recognizing. To retain current staffers, 61% of survey respondents said they need to offer training programs, and 59% said their company is willing to cover staffers’ professional security certification expenses.

In terms of the most in-demand skills required to respond to the threat landscape over the next three years—and thus critical areas of training focus—respondents ranked risk assessment and management at the top (55%); followed by incident investigation and response (52%); governance, risk management and compliance (48%); analytical skills (42%); and architecture (38%).

Get your cyber security / risk management training or certification through www.ermgovernance.com


www.ermgovernance.com


Comments

Post a Comment

Popular posts from this blog

Essential elements of ERM

Essential elements of ERM Create your own and tailored #ERM #framework with ease! We have worked hard to incorporate changes from #COSO and #ISO #31000 so that you can benefit without having to invest a lot of time and resources.  Email us at  info@ermgovernance.com  for more details.
1 comment
Read more

Five Step Plan for an Enterprise Risk Management (ERM) Program

Enterprise Risk Management (ERM): is a process of planning, organizing, leading, and controlling the activities of an organization in order to minimize the effects of a risk to an organization.  It expands beyond a daily run of the mill operational management! A true ERM program will have its scope expand to strategic, financial, reputational, human resource and business continuity as well as operational and legal risks. Most organizations, as they mature embark on a journey of establishing a robust Enterprise Risk Management (ERM) Program! The 5-step plan outlined here can be used for rolling out any organization-wide change. Step 1: Organize effort for a successful change Identify your team! Make this group a core part of the ERM work Assess current organizational change saturation and establish a process to address any road blocks Engage the Executive Leadership Team (ELT) for support Have a clear plan of action Ensure that ERM beco...
Post a Comment
Read more

How to benefit from a Fishbone or Ishikawa Diagram for Root Cause Analysis

    What is root cause analysis? Root cause analysis is a structured process that helps healthcare, manufacturing and service sector managers and leaders in identifying contributing factors or causes of an accident, error, problem, event or occurrence. An accident, error, problem, event or occurrence are usually a result of a system rather than an individual mistakes. Understanding the system itself and contributing factors or causes of a system failure can help in preventing recurrences. Actions that are taken to address system failure helps in sustaining the improvements or corrective actions.   What is a fishbone or ishikawa diagram? Each and every outcome or effect is an end result of actions taken/omitted or in general causes/ A cause and effect diagram representing this relationship between cause and effect is called a called a fishbone or ishikawa diagram. A fishbone diagram is a visual way to represent cause and effect. It is a more structu...
Post a Comment
Read more