The computer security industry will need to add nearly 2 million jobs in the next three years to keep up with demand for new skills, according to Dark Reading, posing potential challenges for employers browsing a limited talent pool.
A 2011 study by researchers at Frost & Sullivan projected that there will be 4.24 million security professionals within the workforce by 2015, up from approximately 2.6 million currently. At industry conference (ISC)2, certain executives were worried about a talent shortage, Dark Reading reported. In particular, concern centered on developing solutions suited to a landscape where increased volumes of data have made cloud and virtualization security into priorities.
"As more advanced technology is deployed – technologies like cloud and bring-your-own-device – there's a demand not only for more skills, but for different kinds of skills," Hord Tipton, executive director of (ISC)2, said at the conference.
Increases in the volume and sophistication of attacks, combined with greater compliance requirements and a shortage in training are all fueling the skills gap as well.
Responses at the conference echoed recent survey data from the Robert Half Technology IT Hiring Index and Skills Report, which found that 54 percent of CIOs are struggling to find skilled professionals. The most challenging roles to fill are those of security, according to 22 percent of respondents.
Conference-goers at (ISC)2 observed that one of the challenges facing security hires is a disconnect between companies’ expectations and the realities of where the industry talent lies. Corporate demand for security professionals can fall victim to HR managers and CEOs who want employees with the right certifications and professional appearance. The best security work, on the other hand, is often done by people who fall outside of the traditional professional framework.
"Security is a creative pursuit, whether it's on the offensive side or on the defensive side, and it's not always done by people who work 9 to 5,” said presenter Winn Schwartau. “It's not about fitting in.”
It’s no secret that security threats are becoming more sophisticated, even as enterprises are moving their resources into the cloud. With both government and private sector entities advocating for improved malware protection and data security efforts, the industry will need to respond with more training to help professionals get the certification they need. According to Schwartau, job postings requiring a security certification such as CISSP are up 34 percent this year.
Security News from SimplySecurity.com by Trend Micro