SHENZHEN, CHINA, 21 FEBRUARY 2011- Information security professionals require better training, according to a survey conducted by Frost & Sullivan.
A global survey of over 10,000 information security professionals indicates that information security executives and their staffs are challenged by the growing number of technologies that are widely adopted by businesses.
This gap in training may endanger the security of government agencies, corporations and consumers worldwide over the next several years.
"In the modern organization, end-users are dictating IT priorities by bringing technology to the enterprise rather than the other way around," said Robert Ayoub, global program director - network security for Frost & Sullivan. "Pressure to secure too much and the resulting skills gap are creating risk for organizations worldwide."
Cloud computing is one area that shows a serious gap between technology implementation and the skills required to provide security. The majority of the respondents (over 70 percent) said they lacked new skills to properly secure cloud-based technologies.
Respondents also reported inconsistent policies and less than 30 per cent said they had no social media security policies whatsoever.
These risks, said Ayoub, can be reduced if businesses attract high-quality entrants to the field and make concurrent investments in professional development for emerging skills.
"As the study finds, these solutions are underway, but the question remains whether enough new professionals and training will come soon enough to keep global critical infrastructures in the private and public sectors protected," added Ayoub. "The good news from this study is that information security professionals finally have management support and are being relied upon and compensated for the security of the most mission-critical data and systems within an organization. The bad news is that they are being asked to do too much, with little time left to enhance their skills to meet the latest security threats and business demands."
Allocation of budget
Apparently, businesses should focus on providing training to their Information security professionals because Frost & Sullivan estimates that the demand for professionals in Asia Pacific is expected to increase to over 1.3 million by 2015.
However, two-thirds of respondents don't expect to see any increase in budget for information security personnel and training in 2011.
"With the increasing demand for information security professional due to security threats, we need to change our approach to global cyber security to address the skills gaps revealed by the study," said Dr Lee Jae-woo, co-chair for the (ISC) 2 Asian Advisory Board and Fellow of (ISC)2.
Sign up for Computerworld eNewsletters.