Much has been made about the U.S. government’s need to hire more cyber-security professionals. But finding the best way to build that workforce may be difficult.
A new survey from the International Information Systems Security
Certification Consortium (ISC)² finds that many of the trending ideas
on how to structure the cyber-security workforce do
not jibe with the thoughts of those on the frontlines. In a poll of
nearly 700 IT security pros, about 75 percent cite "a lack of a
defined career path" as a key reason there is a shortage of federal IT
security pros, while just under 60 percent cite "a lack of
professional development plans."
Some 74 percent of respondents attribute the security weaknesses of
infrastructures as being due to inadequately trained staff. Lack of
professionals with appropriate skills (68.6 percent) and insufficient
funding (63.2 percent) were also popular answers.
Roughly 47 percent of respondents agree that current information security certification programs are
serving the need of the U.S. federal government to build a qualified
cyber-security workforce. Nearly half (48.3 percent),
however, say there is a gap between existing certification programs
and the specific cyber-security skills needed in the
workplace. Approximately 40 percent say current professional
certification programs create a false sense of security, and
about 54 percent say "increasing investment in training and
certification primarily for technical skills" will not solve America’s
security problems.
For more, read the eWeek article Cyber-Security Job Development Challenges Highlighted in Survey.