Survey: Most Cyber Managers Say Teams Understaffed

(Image: Shutterstock)

Information systems trade group ISACA released results of a survey today that finds 70 percent of cybersecurity managers and practitioners believe that their organizations’ cybersecurity teams are understaffed.

The survey, which also details that 21 percent of respondents report that their teams are severely understaffed, is featured in ISACA’s planned two-part State of Cybersecurity 2019 report.

The report issued today finds that the staffing shortages largely come from challenges in finding technically proficient employees, lower retention as professionals depart companies for greater pay and work environments elsewhere, and a decline in gender diversity programs. Cybersecurity budget increases are also expected to slow, compounding the difficulties companies face in maintaining staffing needs, it said.

Although most respondents to the survey report challenges in hiring and retaining proficient cybersecurity staff, the report suggests that the data presented from the survey mark an opportunity for change within the industry.

“Although these statistics may prove disheartening to some, they actually present great opportunity for enterprises with initiative,” the report states. “Organizations that acknowledge the statistics shown in this research should be able to fill open positions quicker and retain their current talent.”

Retired Air Force Gen. Gregory Touhill, the former federal chief information security officer and an ISACA board member, echoed the report’s conclusion in a blog post, but he also stressed that the report needed a stronger sense of urgency in addressing the issues posed by the survey respondents.

“Effective and informed leadership is needed to address the issues this report highlights,” Touhill wrote. “Let’s all take a leadership role to make things better.”

Particularly, Touhill suggests that reskilling employees to fill staffing gaps, valuing compensation through investment in the right technology and educational training, and seeking diversity in the work environment, are key ways cybersecurity leaders can mitigate staffing shortages.

Recent