Research conducted by Experis, the company which specialises in IT, Engineering and Science recruitment, shows that IT security breaches have increased by 38% in just 12 months. This upsurge occurred between 2014 and 2015 and is predicted to grow even more this year.
The global research also shows that businesses are currently ill-equipped to deal with such security issues, with nearly one third (32%) of those surveyed identifying information security as an in-demand and hard to find skill. The average cost of dealing with a data breach can now cost businesses up to $3.8million (€3.3million), while the cost of each individual lost or stolen file containing sensitive information rose by 23% to $154 (€135).
This challenge is expected to get even more difficult, with demand for key security talent outpacing the worldwide growth in the talent pool. Industry figures show that the projected global growth in demand for information security professionals will be 2.5 million by 2019, while supply is projected to grow by only 1 million.
According to Experis Ireland, this global situation is being mirrored in Irish marketplace where there is a growing demand for information security talent, particularly for the high level expertise required to plan and execute security strategies. IT roles which are currently proving particularly difficult to fill in Ireland include:
- Penetration Testers (also known as ‘Ethical Hackers’)
- Policy Writers
- Network Security Analysts
- Technical Security Solutions Engineers
- Senior Information Security Consultants
- Information Security Architects
- Network Security Specialists
Among the skills required for these roles are Security Awareness, Vulnerability Management, Disaster Recovery, Cyber Defence and Data Loss Prevention.
The study also shows that the growing BYOD (Bring-Your-Own-Device) culture has resulted in operational inconsistencies that have become security vulnerabilities. Strong perimeter security architecture can no longer adequately protect business processes and information, but providing more advanced governance that goes beyond simply locking down users through firewalls and network controls requires security talent that many organisations just don’t possess.
Andrew Crawford, Head of Experis Ireland, which provides in-demand talent for mission critical positions in the IT, Engineering and Science sectors, says this research warns that the increasing sophistication of IT breaches, coupled with the growing deficit of required talent is posing a very real challenge to businesses.
“Security breaches are making headlines regularly in Ireland and around the world and with the increased sophistication of the technology behind these breaches and the continued move towards remote working, businesses have been eclipsed by the situation. The fact is there simply isn’t enough mature security expertise to go around, either today or for the foreseeable future. At the core of the problem is the conundrum that mature skills and security experience cannot be taught by any academic course. It takes time in the right jobs to develop.”
“Currently more than half of employers use only permanent staff to fill critical IT roles and this model greatly reduces the ability of an organisation to incorporate fast-evolving technologies or react to emerging threats as needed. Companies need to break from the traditional mould of full time permanent staff and look at other options to secure the cyber security and IT skills they need. The shortage of information security talent is not going to ease and organisations need to be imaginative and innovative in finding ways to leverage the talent they acquire in the most effective way possible.”
Download the report, Protecting Your Organization in a Talent-Scarce Market here.