Modern field guide to security and privacy

What are the world’s information security professionals thinking about?

Understanding the global information security workforce is a necessary first step to growing and building the field.

Ever wondered what the global information security workforce thinks are the industry’s major issues?

At (ISC)², we believe it’s important to keep a pulse on what’s happening in the industry, which is why we’ve conducted the Global Information Security Workforce Study (GISWS) on a bi-annual basis since 2004.

This year’s top concerns include data exposure, security misconfiguration, data exfiltration, malware and social engineering. However, the most common security threats, in order, are malware, social engineering, security misconfiguration and insider threat.

Data exposure has caused problems for many companies in the public eye, so seeing that at the top of the list should be no surprise. What’s interesting is that a fear of an insider threat shows up on the list of the most common security threats; however, it wasn’t placed on the list of top concerns of cybersecurity professionals.  

In addition to digital threats, the gap in the information security workforce has expanded again this year, up to 1.8 million professionals needed from 1.5 million in 2015.

In fact, 66 percent of respondents said that their organization has too few information security workers. This number has increased over the years – in the 2015 study, 62 percent of survey respondents stated that their organizations had too few information security professionals and in 2013, it was 56 percent.

For the 2017 GISWS, we have a quality respondent sample of over 19,000, compared to over 13,000 respondents in the last study.

The respondent pool is also more regionally diverse, with 10,584 respondents from North America, 3,694 respondents from Europe, 1,075 respondents from Middle East and Africa, 979 respondents from Latin America and 3,309 respondents from Asia-Pacific in the 2017 study.

Just over half of respondents (51 percent) are in management-level or higher positions, while nearly half (48 percent) are in non-managerial staff positions, so we’re getting a close to an equal perspective from both sides of the desk. The highest number of respondents identified themselves as information security professionals (35 percent), followed by IT professionals (17 percent) and cybersecurity or risk professionals (14 percent).

In terms of industries, professional services ranked the highest, with 29 percent of respondents identifying as working within that industry. Banking/insurance/finance was the next highest industry, with 17 percent of respondents, followed by government (12 percent), military services, armed forces or defense (9 percent) and telecommunications and media (8 percent).

We have more than enough data this time around to turn the study into multiple reports instead of one 40-plus-page report. For the 2017 (ISC)² Global Information Security Workforce Study, we will release a series of reports on millennials, women in cybersecurity, U.S. government, Asia-Pacific, North America, Latin America, EMEA, global and diversity in the U.S. The former 40-page report was the mile wide, inch deep version. Now with a variety of analyses and reports, we’re offering a deeper dive into specific sets of data.

The first analysis on millennials in cybersecurity was released during the RSA Conference in San Francisco. The next report on women in cybersecurity will be released on March 8, which is International Women’s Day. The other reports will be issued throughout the year. Follow (ISC)2 on Facebook and LinkedIn to keep a pulse on what’s happening with the information security workforce, and visit our website at www.isc2.org.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to What are the world’s information security professionals thinking about?
Read this article in
https://www.csmonitor.com/World/Passcode/Security-culture/2017/0214/What-are-the-world-s-information-security-professionals-thinking-about
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe