“Getting the good guys is very difficult…. there’s so much competition out there”
“Our current approach to security budget staffing is unsustainable – at some point we will need a new approach”
A 2015 Frost and Sullivan/ISC Study estimated that by 2019 there will be a shortfall of 1-2 million security professionals globally. In the same study, almost two-thirds (62%) of IT Security decision makers agreed that there are too few security professionals.
This shortage has both visible and under-the-hood impacts in already stretched IT teams. It has led to increased security outsourcing as well as increased demand for security technologies that reduce manual workload.
Beneath the iceberg, security tasks are increasingly delegated to generalist IT professionals who are often untrained or not “well practiced” for the specific security task at hand.
In worst case scenarios, such tasks are done sub-optimally or not done at all, in particular where a large list of regulatory controls stated as being implemented in paper are not implemented properly in practice.
This is not about replacing your existing IT team; it's about freeing up their time to allow them to get back to more business-critical tasks.
The Cybersecurity and Information Resilience team