Information security is a top priority for many organizations. Yet a new study shows that the individuals tasked with securing data and networks may not have the requisite skills to do so.

More than 3,500 information technology (IT) managers around the world participated in the survey commissioned by the Computing Technology Industry Association (CompTIA). These managers identified security as the technology skill most important to their organizations today. But IT managers also said there is a significant gap in the security skills available among today's tech workforce when it comes to such critical areas as data privacy, firewalls and other security practices.

The importance of security technology skills was identified as a top priority across more than a dozen industries surveyed; across organizations ranging from small business to large enterprise; and across geographies.

Among IT managers in nine countries with established IT industries (Australia, Canada, France, Germany, Italy, Japan, the Netherlands, United Kingdom, and United States), 73 percent identified security, firewalls and data privacy as the IT skills most important to their organization today. But just 57 percent said their IT employees are proficient in these security skills, a gap of 16 percentage points.

The gap is even wider in five countries where the emergence of a strong IT industry is relatively recent (China, India, Poland, Russia, and South Africa). Among respondents in these countries, 76 percent identified security as the top skill their organization needs; but just 57 percent said their current tech staff is proficient in security. That's a difference of 19 percentage points.

Security skills showed the largest gap between importance and proficiency across all countries, with the exception of the Netherlands, where it was the second largest gap behind application-level IT skills.

CompTIA commissioned The Center for Strategy Research, Inc. (http://www.csr-bos.com/index.htm), a Boston-based market research firm, to conduct the survey among organizations worldwide to identify gaps in IT skills and possible solutions to close those gaps. The telephone and online survey was conducted during the fourth quarter of 2007.

With so much attention focused on security, and so many resources devoted to it, why are security skills coming up short? IT managers say it's because the security landscape changes so rapidly, with the volume and virulence of security threats growing almost daily, that it is difficult for even the most seasoned security professionals to stay ahead of hackers and cyber criminals.

View article on one page