Study: IT professionals not confident in their companies' cybersecurity staffing

PORTLAND, Ore.—Tripwire, a global provider of security and compliance solutions for enterprises and industrial organizations, recently announced the results of its study, conducted by Dimensional Research. Tripwire said that only twenty-five percent of respondents were confident their organizations have the number of skilled cybersecurity experts needed to effectively detect and respond to a serious cybersecurity breach.

In addition, sixty-six percent of the respondents said their organization faced increased security risks due to the lack of skilled cybersecurity experts, the company said in its announcement.

“Cybersecurity is a growth industry for employees, and supply is falling far short of demand,” Tim Erlin, director of IT security and risk strategy for Tripwire, said in a prepared statement. “Smart organizations need to establish effective programs for educating and developing employee skills around information protection. Having the right tools is only part of the solution. A lack of cybersecurity skills not only degrades an organization's ability to respond to incidents, it also inhibits organizations from developing and deploying effective prevention.”

According to the study, 72 percent of the respondents had challenges hiring skilled cybersecurity experts. Half of the respondents said their organizations do not have an effective program to recruit, train and retain skilled cybersecurity experts. Sixty-nine percent have attempted to use technology solutions to fill a gap left by a lack of skilled cybersecurity experts.

Erlin continued, “While tools can't replace people, effective automation can give skilled employees more time to spend on the tough problems. Organizations should examine where their cybersecurity teams are investing manual effort into tasks that could be automated. Reducing and removing tedious, manual work can help improve employee retention as well.”

The study, carried out in August, evaluated key challenges that organizations must address in order to optimize their cybersecurity and compliance programs. Respondents included more than 500 IT security professionals.