CISOs No. 1 Concern in 2018: The Talent Gap

  /     /     /  
Publicated : 22/11/2024   Category : security


CISOs No. 1 Concern in 2018: The Talent Gap


Survey finds lack of competent in-house staff outranks all other forms of cybersecurity worry, including data breaches to ransomware attacks.



The top concern among CISOs for 2018 falls outside the typical realm of attacks, employee negligence, or staffing shortages, according to findings released this week in a Ponemon Institute Survey.
The top concern: lack of competent in-house staff.
I am not surprised that this was a leading concern - it is consistent with what we have been hearing as a critical need and gap in the market. However, being the leading concern was somewhat surprising if you follow what’s typically the most reported consequences of the staffing situation: breaches and cyberattacks, says Lee Kirschbaum, senior vice president and head of product, marketing, and alliances at Opus, which commissioned the report.
Larry Ponemon, author of the report, says he was also was surprised by the finding, adding that typically data breaches, ineffective security tools, or some other technical aspect of guarding security tops the concerns list. Workforce issues are usually somewhere in the middle, he says.
According to the survey of 612 chief information officers and IT security pros, the top five threats that worry them the most in 2018:
70%:  lack of competent in-house staff
67%:  data breach
59%:  cyberattack
54%:  inability to reduce employee negligence
48%:  ransomware
A majority of survey respondents, 65%, also believe attackers will be successful in duping employees to fall for a phishing scam that will result in the pilfering of credentials – even more so than the organization suffering from a data breach or cyberattack.
It is one of the oldest forms of cyberattacks, dating back to the 1990s, and one of the most widespread and easier forms of attacks, Kirschbaum says. It targets one the weakest links – the human factor - and focuses on human behavior to encourage individuals to discuss sensitive information.
Challenging technologies for IT security professionals in 2018 include IoT devices, 60%; mobile devices, 54%; and cloud technology, 50%, according to survey respondents.
Over the last year or two, CISOs have been increasingly talking about how to secure IoT devices and the challenges they pose, Ponemon says. Their questions have ranged from how to encrypt a smart lightbulb to whether IoT security should rest on the company or the manufacturer, he notes.
Gloom and Doom
CISOs exhibited a general sense of gloom in their survey responses, says Ponemon.
Maybe security people are stoic. They dont see 2018 as a year for improvement, and that security risks are becoming a greater problem, notes Ponemon.
The survey found 67% of respondents believe their organizations are more likely to fall victim to a data breach or cyberattack in the New Year.
And the majority of respondents expect breaches and attacks to stem from inadequate in-house expertise (65%); inability to guard sensitive and confidential data from unauthorized access (59%); an inability to keep pace with sophisticated attackers (56%); and a failure to control third parties use of companys sensitive data (51%), according to the survey.
The sheer volume of information, ranging from threat intelligence to third-party assessments, continues to increase, Kirschbaum says. In an environment with increasing risks from new threats, new disruptive technologies, and legacy systems that continue to demand attention, companies are simply unable to bring on enough qualified staff to keep up.
Despite all the talk of an IT security labor shortage, survey respondents appear relatively optimistic that improvements may be on the horizon in 2018. According to the survey, 61% of respondents believe they could see staffing improvements in 2018. That coincides with other research that Ponemon Institute is involved with, Ponemon says.
Four years ago, a Ponemon survey found 40% of IT security respondents complained that job openings went unfilled because they could not find candidates, but that figure has since dropped to 32% based on a follow-up survey this year, Ponemon says.
Despite potential staffing improvements, CISOs and other IT security professionals foresee stress in the New Year, according to the
report
.
 
Source: Ponemon Institute Survey and Opus
Overall, threats are multiplying, CISOs are having trouble finding in-house resources to keep up – and above all, are worried about threats they have limited control over, like the billions of new devices in the Internet of Things, each bringing with them potential new security threats and the always unpredictable element of human behavior, Kirschbaum says.
Related Content:
Most CISOs Fear Known Breaches Go Unaddressed
5 Problems That Keep CISOs Awake at Night
Why (& How) CISOs Should Talk to Company Boards
 

Last News

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security

▸ Fully committed to the future world of technology. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CISOs No. 1 Concern in 2018: The Talent Gap