Security / Measuring the IT Security Skills Shortage's Extent

Measuring the IT Security Skills Shortage's Extent

By Michael Vizard | Posted 2016-08-31

1 of

Measuring the IT Security Skills Shortage's Extent

Grasping the extent of a problem is the first step to solving it. New research examines the IT skills shortage and how it affects organizations large and small.
Confidence in IT Security

59% of respondents were not completely sure that their networks have not been hacked, and 52% of businesses agree that their security will be compromised at some point.
Percentage of IT Pros Focusing on Security

Only 15% of the talent in an IT department of a large company is dedicated to security. For SMBs with a team of 16 IT pros, there were two security experts.
Future Growth in IT Security Staff

Of 69% of businesses that expect to increase their IT security staffs, 19% think their IT security departments will grow significantly (27% of enterprises and 22% SMBs), with 4.1% expecting their headcount to double over the next three years.
Wage Growth for IT Security Pros

Half the respondents (50%) say they have already seen wages for IT security professionals rise.
IT Security Talent Shortage

Even though nearly half (46%) are looking to hire additional security personnel, 48% also say there is a shortage of IT security talent that they can hire.
IT Security Breach Causes and Expenses

Large businesses that feel confident about their IT security team development pay $100,000 to $500,000 to recover from a single breach. Companies that admit a certain amount of insecurity in attracting new talent end up paying from $1.2 million to $1.47 million.
Recovery Costs

A significant portion of the recovery costs is due to additional staff wages—$14,000, on average, for SMBs, $126,000 for enterprises—with companies spending more on hiring external experts and paying overtime for their own teams.
Drivers of IT Security Budget Increases

Four in 10 (40%) of companies cite increased infrastructure complexity as a major driver for increasing IT security budgets. A full 62% of large companies and 59% of SMBs will continue investing in IT security, regardless of the ability to measure returns.
IT Security Audits

Businesses are still cautious when it comes to employing external security consultants to audit the companies' level of protection from cyber-threats. Only 26% of companies polled say this approach is effective. But 72% of businesses that suffered from damaging attacks discovered them, thanks to external audits.
IT Security Outlook

In three years, companies are looking to invest 60% of their IT budgets on protection approaches beyond prevention.
View All Slideshows >

Although many businesses understand that they're ability to defend themselves from IT security attacks is relatively weak, most of them are not in a position to do much about it, according to the findings of a new survey of 4,000 business executives conducted by Kaspersky Lab. The good news is that investments in IT security are on the rise across the board. The biggest limiting factor, however, may not be the actual size of IT budgets. Rather, organizations are reporting that that even though almost half are looking to hire additional security personnel, nearly half also say there is a shortage of IT security talent. At the same time, half the respondents say that in terms of wages, it's becoming more difficult to recruit and retain IT security professionals. Those statistics bode well for increased demand for IT service providers in the channel. Yet, as short-handed as organizations are, only a little more than one-fourth of the respondents said an external audit of their IT security was an effective means of discovering whether the organization has been compromised. Channel Insider examines key takeaways from the study.