Are things moving too fast for security professionals to stay on top of keeping corporate data secure?
The
* Application vulnerabilities represent the number-one threat to organizations, and more than 20% of information security professionals reported involvement in software development.
* Mobile devices were the second highest security concern, despite an overwhelming number of professionals having policies and tools in place to defend against mobile threats.
* Cloud computing illustrates a serious gap between technology implementation and the skills necessary to provide security. More than 50% of information security professionals reported having private clouds in place, and more than 40% of respondents reported using software as a service. Tellingly, but more than 70% of professionals reported the need for new skills to properly secure cloud-based technologies.
* Professionals aren’t ready for social media threats. Respondents reported inconsistent policies and protection for end-users visiting social media sites, and fewer than 30% of respondents had no limits set whatsoever.
Frost & Sullivan concludes that new technologies and methodologies sweeping enterprises – from mobile to cloud – are overwhelming the abilities of information security professionals to keep up. “The information security community admits it needs better training in a variety of new technology areas, yet at the same time reports in significant numbers that these same technologies are already being deployed without security in mind”
Even as the skills gap is becoming urgent, Frost & Sullivan says it is encouraged by many of the survey findings: Frost & Sullivan estimates that there are 2.28 million information security professionals worldwide, a figure expected to increase to nearly 4.2 million by 2015. “Management support and end-user training have been embraced by many organizations. Budgets and spending are expected to increase in the next 12 months, and salaries showed healthy growth despite a global recession.”
