Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Why You Should Be Losing Sleep over the Security Skills Shortage

We've written a few  times in this space about the seemingly ineradicable security skills shortage that exists in organizations worldwide. Bad news: The picture doesn't appear to be getting any rosier. The latest ominous headline comes from Burning Glass, a labor market analytics firm, which has documented a 74 percent spike in cybersecurity job postings from 2007 to 2013, double the rate of all IT jobs.

For a long time, many business leaders have viewed security as little more than a nuisance. This mentality, which still persists in some places, resulted in the limited cultivation and development of proficient security professionals. But over the past decade, massive breaches became commonplace, the cyber black market rapidly matured and professionalized, and the attack surface dramatically expanded as emerging technologies and network-connected devices entered the corporate mainstream.

Chief executive officers and other bosses have since perked up to the seriousness of the whole situation, but the demand for security talent has long surpassed the supply. Astonishingly a reported one million security jobs are unfulfilled worldwide. Industry, government and academia efforts to bolster education and training will help, but the road remains long and convoluted. The proverbial barn door is open, and the horse has bolted.

Coming off arguably the most prolific year in history for data compromises - and staring even more egregious attacks directly in the face - security groups can ill afford to be staffed with inexperienced, incompetent or strictly compliance-minded individuals. This goes not only for prevention and detection obligations, but also for the seemingly inevitable duty of incident response   .

Meanwhile, in an attempt to repel their sly adversaries, organizations have unwittingly created an additional problem for themselves: They have purchased feature-rich security technologies they hope will stop modern-day threats like malware. But with features comes complexity, and many businesses have been unable to properly adopt or effectively deploy these solutions.

Our just-released 2015 Security Pressures Report, which polled more than 1,000 security decision-makers in the United States, U.K. and Canada, found that 84 percent of respondents want to see the size of their IT security team increased. And more than two-thirds feel pressure to adopt security technologies containing all of the latest features, but only 29 percent believe they have the proper resources on hand to use those purchases.

The Pressures Report offered a number of recommendations in its conclusion section, but one specifically spoke to the lack of skills and product complexity challenges facing organizations. It encouraged organizations to consider managed security service providers, which already are seeded with deep expertise and intelligence, and can scale their offerings to meet the demands of any size organization.

The final section of the report also noted the importance of organizations ingraining security into their culture. Entities that prioritize security and IT risk reduction from the top down are stronger situated to ensure the most qualified candidates for security roles are the ones who are hired - and once they are brought on board, they stay.

We encourage you to download the 2015 Security Pressures Report to see all of the pressure-related stats that may be hampering your job, in addition to the rest of our list of practical suggestions for alleviating these points of tension.

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo