Access your Pro+ Content below.
Not enough information security analysts, despite higher wages
This article is part of the Information Security issue of August 2018, Vol. 20, No. 4
Results from the ISACA global State of Cybersecurity survey, conducted in October 2017, indicated few signs of the effects of security automation on the security workforce, a strategy that some companies are employing to lessen the burden on information security analysts. Almost 60% of the enterprises surveyed had open security positions. In this year's survey, the workforce shortage was primarily attributed to lack of skills, rather than budgetary constraints: 64% of the 2,366 security professionals surveyed expected their security budgets to increase in 2018. The majority, or 97%, were members of ISACA, an international nonprofit for IT governance professionals, formerly known as the Information Systems Audit and Control Association. The ISACA "State of Cybersecurity 2018" report found that staffing demands were greatest at the individual level -- technicians such as security engineers and information security analysts -- rather than at the security management or executive level. The report noted that investment in security ...
Features in this issue
Security teams increasingly use large data sets from their networks to find hidden threats. Why companies should embark on their own data science and machine learning initiatives.
Survey data on global skills shortages does not show significant changes, even as companies turn to strategies such as security automation to make security teams more efficient.
Columns in this issue
Google and other platform companies dangled not only APIs but access to user data from unwitting customers to attract third-party developers and other partners.
Chris Porter's years as a lead analyst and author of Verizon's Data Breach Investigations Report helped prepare him for the chief of security role at the primary housing lender.
Time-sharing systems got a lot right from a security standpoint. "We aimed toward a completely lights-out, 'no chance for mistakes' interface," says the security researcher.