Security skills of IT workforce lacking, survey finds

CompTIA's most recent survey reveals wide gap between IT security skills wanted and those workers bring to the job

A majority of organizations are in need of IT workers with security, firewall and data privacy skills, but more than 40 per cent surveyed by the Computing Technology Industry Association in the US said their IT employees are not proficient in such skills.

Nearly three-fourths of 3,500 technology professionals polled identified security, firewall and data privacy as the IT skills most important to their organization today, according to CompTIA, which commissioned The Center for Strategy Research to conduct the telephone and online survey during the fourth quarter of 2007. Tied for second in terms of importance behind security skills were general networking and operating system skills, cited by 66 per cent of respondents each.

Yet despite the importance 73 per cent of IT managers place on security skills, just 57 per cent also said they believed their IT employees were proficient in such skills, which represents a gap of 16 percentage points between the skills IT organizations need and those they have in place.

"Security, which is viewed as the most important skill, has the greatest gap between importance and proficiency, indicating that the supply of these skills is not meeting demand," the CompTIA report reads.

But technology professionals polled don't blame IT workers; instead, they point to the fast pace of technological change as a cause for insufficient skills. More than 50 per cent of respondents say that gap is in place because the landscape of IT security changes too quickly for IT employees to keep pace with advances in technology. Other elements driving change in the IT industry included budget constraints (51 per cent), security and compliance (48 per cent) and consumer needs (47 per cent).

Among the remedies IT managers are considering to keep employees' security skills sharp are training and incentive programs. According to CompTIA, 42 per cent of the 3,500 technology professionals surveyed said they would offer their employees external professional training. Another 41 per cent said they would provide various types of incentives by way of bonuses or other perks. About one-third planned to send their employees out to get certifications, and another 36 per cent intend to offer developmental career programs for their IT employees.

And not only are security skills insufficient, but IT managers polled believe there is a lack of qualified candidates overall. For instance, 38 per cent of IT managers say there are "not enough" qualified candidates in their countries. Less than one-third (28 per cent) say there are "just enough", while less than one-quarter (23 per cent) say there are more than enough qualified candidates, the CompTIA research reveals.

"While IT managers in the IT industry anticipate growth of their own staffs and the IT workforce in general, they are also more likely than those in other industries to say there are 'not enough' qualified candidates in their country (44 per cent vs. 38 per cent)," the report reads.

Show Comments