Survey indicates many IT workers not ready to handle cybersecurity

The significance of cyber security was confirmed by a recent survey of cybersecurity and information security professionals. Cybersecurity is a global concern f...

This content is sponsored by ISACA

Anyone who follows the news knows cybersecurity is a global concern for individuals, businesses and government. Personal, corporate and government information are consistently attacked from malware, hackers, identity thieves and others.

The significance of cyber security was confirmed by a recent survey of cybersecurity and information security professionals. Seventy-four percent of respondents indicated they think it is highly likely or likely their organization will experience a cyberattack this year.

The survey was done in late 2015 by ISACA and RSA Conference. ISACA is an independent, nonprofit, global organization dedicated to improved information systems. ISACA stands for Information Systems Audit and Control Association, although the group goes only by its acronym. RSA Conference is a forum to share knowledge and information about internet security.

Those surveyed all have professional cybersecurity or information security responsibilities. About two-thirds of the respondents live in the U.S. or Europe and 69 percent work for companies with more than 1,000 employees.

One of the more concerning aspects of the survey is many security professionals lack confidence in the ability of their team members to effectively deal with cybersecurity threats. Only 75 percent of security professionals indicated they were confident in their team’s ability to detect and respond to cybersecurity incidents. Of those, 60 percent said they did not believe their staff could handle anything beyond a simple incident.

There are also indications the problem is likely to get worse instead of better. The survey showed it takes the majority of organizations (54 percent) three to six months to fill information security or cybersecurity positions. In the hiring process, 59 percent said less than half of their job applicants were “qualified upon hire” to handle cybersecurity matters.

In an interview for inforisktoday.com, Eddie Schwartz, international vice president of ISACA, discussed a new certification to help deal with the lack of trained and qualified cybersecurity professionals. Introduced in 2015, Schwartz said the CSX Practitioner certification should appeal to mid-career workers who want to shift into cybersecurity as well as to those just starting in the field.

In the survey, 61 percent of respondents indicated cybersecurity professionals lack the technical skills to perform their duties effectively. Another 75 percent reported information security employees often lack the “ability to understand the business.”

Many survey respondents reported they are dealing daily with security attacks of one nature or another. The attacks are getting the attention of management. When asked, “How concerned is your organization’s board of directors about cybersecurity/information security?”, 82 percent reported they were concerned or very concerned.

In the U.S., the White House indicates the Obama Administration’s top cybersecurity priority is protecting the country’s critical infrastructure from cyber threats.

“Cyberspace touches nearly every part of our daily lives,” explains a White House statement. “It’s the broadband networks beneath us and the wireless signals around us, the local networks in our schools and hospitals and businesses, and the massive grids that power our nation. It’s the classified military and intelligence networks that keep us safe, and the World Wide Web that has made us more interconnected than at any time in human history. We must secure our cyberspace to ensure that we can continue to grow the nation’s economy and protect our way of life.”

As the survey indicates, more organizations must address cybersecurity risk “as the rate of incidents continues to escalate.”

 

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    (Getty Images/iStockphoto/metamorworks)Medical technology concept.

    Pentagon’s reproductive healthcare policy used 12 times from June to December

    Read more