Yesterday, technology research giant Gartner released the results of a survey detailing a distressing fact: only 65% of enterprises currently have a cybersecurity expert on staff. This is despite the related finding that 95% of enterprise-level Chief Information Officers (CIOs) expect cyber-attacks to increase over the next three years.
Interestingly, the issue at heart here does not appear to be one of awareness; Gartner reports that most enterprises do indeed have a dedicated cybersecurity expert role—indicating that enterprises are becoming more properly concerned about their digital security in the era of data breaches. However, this newfound recognition comes in the midst of a cybersecurity skills shortage that has no end in sight.
Rob McMillan, Research Director at Gartner, commented in a statement about the cybersecurity skills shortage and how enterprises need to be vigilant in their search for a cybersecurity expert: “Cybersecurity is faced with a well-documented skills shortage, which is considered a top inhibitor to innovation. Finding talented, driven people to handle the organization’s cybersecurity responsibilities is an endless function.”
There doesn’t appear to be a singular root cause for the cybersecurity skills shortage. Instead, numerous factors appear to contribute to the crisis, including low pay relative to their level of responsibility, lack of training initiatives both within and outside enterprise security operations centers, a high cybersecurity expert burnout rate, and ingrained patriarchal cultures in IT security denying qualified female experts their deserved respect and recognition in the workplace.
The Gartner 2018 CIO Agenda Survey—from which these findings were pulled—reached 3,160 CIOs around the world, finding:
- 35% said their enterprise already invested in and deployed some aspect of cybersecurity.
- Another 36% are actively experimenting or planning to implement cybersecurity soon.
- A majority of CIOs consider growth and market share, rather than cybersecurity, as the top business priority for 2018.
- 60% of enterprise IT security budgets will support detection and response capabilities by 2020.
You can read more about the Gartner 2018 CIO Agenda Survey here.
Latest posts by Ben Canner (see all)
- 4 Key Lessons for Enterprise Mobile Device Security - September 11, 2019
- 3 Ways to Refine Your Enterprise Endpoint Security Strategy - September 10, 2019
- Palo Alto Networks Acquires Zingbox for IoT Security - September 6, 2019