Shortage of Skilled Cyber Security Professionals Causing Economic Ripple Effect across the Globe, (ISC)²® Study Finds

2013 Global Information Security Workforce Study finds that hactivism, cyber-terrorism and state-sponsored acts among list of top security concerns, yet two-thirds of CISOs feel short-staffed, resulting in frequent and costly data breaches

London, UK – February 25, 2013 – (ISC)²® (“ISC-squared”), the world’s largest not-for-profit information security professional body and administrators of the CISSP®, today released the results of its sixth Global Information Security Workforce Study (GISWS) in partnership with Booz Allen Hamilton, conducted by Frost & Sullivan. The study of more than 12,000 information security professionals worldwide (3,229 from the Europe/Middle East/Africa region) reveals that the global shortage of information security professionals is having a profound impact on the economy and is driven by a combination of business conditions, executives not fully understanding the need for security, and an inability to locate qualified information security professionals.

The report finds that hactivism (43 percent), cyber-terrorism (44 percent), and hacking (56 percent) are among the top concerns identified by respondents, yet more than half – 56 percent – feel their security organisations are short-staffed. Many organisations (15 percent) are not able to put a timeframe on their ability to recover from an attack, even though service downtime is one of the highest priorities for nearly three-quarters of respondents. The data concludes that the major shortage of skilled cyber security professionals is negatively impacting organisations and their customers, leading to more frequent and costly data breaches.

“Now, more than ever before, we’re seeing an economic ripple effect occurring across the globe as a result of the dire shortage of qualified information security professionals we’ve been experiencing in recent years,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, executive director of (ISC)². “Underscored by the study findings, this shortage is causing a huge drag on organisations. More and more enterprises are being breached, businesses are not able to get things done, and customer data is being compromised. Given the severity of cyber espionage, hactivism, and nation-state threats, the time is now for the public and private sectors to join forces and close this critical gap. We must focus on building a skilled and qualified security workforce that is equipped to handle today’s and tomorrow’s most sophisticated cyber threats.”