Security skills of IT workforce lacking, survey finds

CompTIA's most recent survey reveals wide gap between IT security skills wanted and those workers bring to the job.

The Computing Technology Industry Association surveyed 3,500 technology professionals in North America, Europe and Asia to determine the IT security skills organizations need more and how well the skills IT workers have fulfills that need.

A majority of organizations are in need of IT workers with security, firewall and data privacy skills, but more than 40% surveyed by the Computing Technology Industry Association said their IT employees are not proficient in such skills.

Nearly three-fourths of 3,500 technology professionals polled identified security, firewall and data privacy as the IT skills most important to their organization today, according to CompTIA, which commissioned The Center for Strategy Research to conduct the telephone and online survey during the fourth quarter of 2007. Tied for second in terms of importance behind security skills were general networking and operating system skills, cited by 66% of respondents each.

Yet despite the importance 73% of IT managers place on security skills, just 57% also said they believed their IT employees were proficient in such skills, which represents a gap of 16 percentage points between the skills IT organizations need and those they have in place.

"Security, which is viewed as the most important skill, has the greatest gap between importance and proficiency, indicating that the supply of these skills is not meeting demand," the CompTIA report reads.

But technology professionals polled don't blame IT workers; instead, they point to the fast pace of technological change as a cause for insufficient skills. More than 50% of respondents say that gap is in place because the landscape of IT security changes too quickly for IT employees to keep pace with advances in technology. Other elements driving change in the IT industry included budget constraints (51%), security and compliance (48%) and consumer needs (47%).

Among the remedies IT managers are considering to keep employees' security skills sharp are training and incentive programs. According to CompTIA, 42% of the 3,500 technology professionals surveyed said they would offer their employees external professional training. Another 41% said they would provide various types of incentives by way of bonuses or other perks. About one-third planned to send their employees out to get certifications, and another 36% intend to offer developmental career programs for their IT employees.

And not only are security skills insufficient, but IT managers polled believe there is a lack of qualified candidates overall. For instance, 38% of IT managers say there are "not enough" qualified candidates in their countries. Less than one-third (28%) say there are "just enough", while less than one-quarter (23%) say there are more than enough qualified candidates, the CompTIA research reveals.

"While IT managers in the IT industry anticipate growth of their own staffs and the IT workforce in general, they are also more likely than those in other industries to say there are 'not enough' qualified candidates in their country (44% vs. 38%)," the report reads.

Learn more about this topic

 
Insider Shootout: Best security tools for small business
Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies