Posted by: Clarity Blog | March 27, 2013

Cyber Security Personnel Deficiency


Cyberspace has become a battlefield.  And the good guys are losing.

That’s not news to the thousands of professionals in the U.S. security business.  Malware attacks, hacks, and virus outbreaks are reported daily.  The number of individuals, groups, and nations entering the war against them continues to grow

Technology is helping but the ultimate “defense in depth” strategy has to include people—lots of them.

Yet the shortage of white hat security personnel in the job market is getting worse.  The exponential growth of malware generated by really smart, organized and well-funded cybercriminals, needs a corresponding number of highly trained security professionals to keep a positive balance in cyberspace.

However, in their sixth annual  Global Information Security Workforce Study (GISWS), Frost and Sullivan polled 12,000 security experts worldwide and revealed that many professional don’t fully understand this problem. The report’s underlying message is that there is already a major shortage of skilled cyber security professionals and something needs to be done about it soon.

A study released last year by one of Clarity’s clients, Norman software, highlighted the problem.  Of the IT directors surveyed, the majority say they can’t find enough talent for their incident response teams; and that if they could they don’t have the time or money to train and pay them.

Corporations, government agencies and security organizations need to embrace this problem and make it a top priority across the board.  Discussions at this year’s RSA conference started to address the issue.  A top down approach, starting with the government, security consortiums, and colleges was suggested.  That’s a beginning, assuming recommendations turn into action soon.  But that won’t be nearly enough without increased salaries and budgets throughout the security industry.

The scarcity of skilled cyber security personnel is finally starting to cause the pay scale for these positions to rise in some areas, in order to make them more attractive. For example, The Washington Post reports that the pay scale for cyber security analysts in the area surrounding D.C. has risen by 10.1 percent this year.  Not surprising given the high concentration of security companies and agencies in the region.

Other regions need to follow suit because one thing is clear.  We can’t afford to lose this battle.

Picture Credit:



Let us know your thoughts.

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: