 | |||
|
|
||
| |||
| |||
| |||
|
||||||||||||||||||||
| |
|
Home > Midmarket CIO News > IT security skill shortage continues to stump CIOs |
| |
|
|
|
|
| Midmarket CIO News: |
|
||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
A new survey by The Computing Technology Industry Association Inc. (CompTIA) found that expertise in security, firewalls and data privacy are considered the most important skills for IT staff to have. But the gap between what CIOs want and what they actually have in terms of security expertise is vast. The survey was conducted worldwide late last year with more than 3,500 respondents in 14 countries ranging from the U.S. and Canada to Poland, Australia and South Africa, among others. There were 253 IT directors surveyed in the U.S.
"I don't think that they're really pointing the finger at the IT workers," Ostrowski said. "Because the No. 1 reason they think there's that gap is the environment of security is changing so quickly that it's tough to keep the workers up to speed." About 42% of the survey respondents felt the best way to remedy the problem was to send their employees to out-of-office training. Others felt employee incentives and enrollment in certification programs would help. "I think they realize that to keep abreast and keep on top of things that are changing so quickly, they've got to implement some continuing education program for their workers," Ostrowski said. Surveyors also asked about importance and staff proficiency in areas including networking, operating systems, hardware skills and customer service, among others (see chart, below). Security skills had the largest gap in every country except the U.S., where the largest gap between importance and perceived ability was for "soft" skills like customer service, sales, project management and communication. But security tied for second place there with application-level skills like development and programming.
"Security is a dynamic topic and it changes very rapidly," said Maloney, former global head of information security at Amazon.com Inc. "Staying on top of new threats, vulnerabilities and countermeasures requires frequent education and continuous awareness. Investments have to be made in regular training. I suggest two weeks per year per person. "And time should be allowed at work for visiting key security websites, an hour each day," he added. Maloney said security "still isn't a strong part of college IT curriculums," leaving most IT staff self-taught and truly qualified, right-out-of-the-box staff hard to find. That means CIOs need to be ready to pay more if they want to bring in truly qualified security experts, he said. After viewing the survey results, Maloney said he would be interested in seeing results for more specific topics, suggesting infrastructure security, application security and data privacy. He guessed that the gap between importance and perceived abilities would be largest for application security and data privacy, as those areas are "less mature" fields of study and expertise. Maloney also said the large U.S. gap concerning "soft" skills shouldn't be ignored. "Security is a highly cross-functional activity and requires a lot of communication across the enterprise," he said. "The best security people typically have a combination of solid technical skills and good people skills, but this combination is hard to find."
Source: "Skills Gaps in the World's IT Workforce," The Computing Technology Industry Association Inc. Let us know what you think about the story; email: Zach Church, News Writer
|
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS |
|
|
||
|
|||||||
