Companies struggling to fill cybersecurity roles, study finds

by Morgan Chalfant - 02/13/17 11:53 AM ET

Companies across a range of industries are struggling to hire people for cybersecurity positions, according to a new survey.

One in four companies globally said that it takes six months or more to fill open cyber and information security positions, according to an annual survey conducted by ISACA’s Cybersecurity Nexus released on Monday.

In North America, respondents reported that they are unable to fill open positions 26 percent of the time. The case is worse in Europe, where roughly one-third of these positions remain unfilled.

{mosads}Companies based in Asia have less difficulty filling cybersecurity roles, with positions remaining vacant 22 percent of the time.

The study, conducted in October, surveyed individuals working in jobs with cyber or information security responsibilities who hold ISACA security certifications. The study covered a range of industries, including aerospace, healthcare, government, military, finance, manufacturing, transportation and technology.

The study found that the majority of vacant cyber positions remain so for a long period of time, with 55 percent of respondents saying that open positions take at least three months to fill.

“Applicable cyber security talent is becoming increasingly difficult to find in today’s ever growing cyber security field,” the report stated. “Therefore, it is not surprising that survey respondents say that enterprises are struggling when trying to fill important cyber security positions.”

“The main problem of obtaining key talent in the realm of cyber security stems from a lack of qualified applicants,” the report concluded.

The findings come amid heightened scrutiny of efforts by the federal government and private sector companies to safeguard their computer systems. Recent highly publicized cyber intrusions — including breaches of the Democratic National Committee and Yahoo — have cast light on cyber vulnerabilities and spurred public anxiety about the safety of sensitive information.

“Though the field of cyber security is still relatively young, demand continues to skyrocket and will only continue to grow in the coming years,” Christos Dimitriadis, chair of ISACA’s board, said in a statement.

“As enterprises invest more resources to protect data, the challenge they face is finding top-flight security practitioners who have the skills needed to do the job. When positions go unfilled, organizations have a higher exposure to potential cyberattacks. It’s a race against the clock,” he said.