Information Security Professionals Need New Skills to Secure Cloud-based Technologies, Study Warns

Information Security Professionals Need New Skills to Secure Cloud-based Technologies, Study Warns

More than 70 percent of information security professionals admit they need new skills to properly secure cloud-based technologies, a survey conducted by Frost & Sullivan and sponsored by (ISC)2  revealed. The 2011 (ISC)2 Global Information Security Workforce Study (GISWS) is based on a survey of more than 10,000 (2400 in EMEA) information security professionals worldwide and some of its findings are alarming, including the fact that a growing number of technologies being widely adopted by businesses are challenging information security executives and their staffs.

The widespread use of technologies like cloud computing and deployment of mobile devices jeopardizes security of governments, agencies, corporations and consumers worldwide over the next several years, the survey said.

The survey also finds that most respondents believe they and their employees need new skills to meet the challenges of new technologies like cloud computing and the growing number of social networks and mobile device applications. Actually, these findings are not surprising since information security professionals have always been a step behind the growing number of new technologies that appear very fast. One could not expect that information security staff will be well-prepared to answer all security threats related to fast paced market of cloud computing and mobile devices. Moreover, information security professionals are under pressure from end-user who want new technologies to be deployed as soon as possible, sometimes underestimating the related security risks.

In the modern organization, end-users are dictating IT priorities by bringing technology to the enterprise rather than the other way around. Pressure to secure too much and the resulting skills gap are creating risk for organizations worldwide,” Robert Ayoub, global program director – network security for Frost & Sullivan, commented in a press release.

More alarming is that cloud computing illustrates a serious gap between technology implementation and the skills necessary to provide security. Over 50 percent of respondents admitted they are using private clouds (55 percent EMEA), with over 70 percent (75 percent EMEA) realize the need for new skills to properly secure cloud-based technologies.

However, respondents reported application vulnerabilities as the greatest threat to organizations with 72 percent of those surveyed worldwide are ranking application vulnerabilities as No. 1 threat.
Mobile security could be the single most dangerous threat to organizations worldwide, the survey revealed, while about 70 percent (67 percent EMEA) of respondents reported having policies and technology in place to meet the security challenges of mobile devices.

Social media is another big threat, and respondents reported inconsistent policies and protection for end-users visiting social media sites, according to the study. Viruses and worms, hackers and internal employees are considered less threatening compared to 2008, the most recent year of the study.

Demand for information security professionals will continue to grow at 13.2 percent a year until 2015, reaching 4.2 million (1.15 million in EMEA) compared to 2.28 million (over 617,000 in EMEA) in 2010. Regulatory compliance demands, greater potential for data loss via mobile devices and mobile workforce, and the potential loss of control as organizations shift data to cloud-based services are among the most important factors behind the growing demand for professionals.

We are seeing a paradigm shift in how organizations are operating, brought on by the triple impact of cloud computing, the pervasive use of mobile devices and social media via the corporate network, along with the wave of new applications being developed to support it all,” John Colley, CISSP, managing director for EMEA of (ISC)2, commented.

The survey was conducted among 10,413 information security professionals from companies and public sector organizations around the world in the fall of 2010, including 61 percent in the Americas, 22.5 percent in Europe, the Middle East and Africa, and 16.5 percent in Asia Pacific. Forty-five percent (42 percent EMEA) were from organizations with over 10,000 employees.

Read Our Case Studies Regarding Network Security

By Kiril Kirilov

Sorry, comments are closed for this post.

Comic
InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Five-part series details companies to watch across five essential technology sectors SAN FRANCISCO, Sept. 27, 2016 /PRNewswire/ — InformationWeek released its list of “125 Vendors to Watch” in 2017. Selected by InformationWeek’s expert editorial team, the companies listed fall into one of five key themes: infrastructure, security, cloud, data management and…

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Connected Vehicles From cars to combines, the IoT market potential of connected vehicles is so expansive that it will even eclipse that of the mobile phone. Connected personal vehicles will be the final link in a fully connected IoT ecosystem. This is an incredibly important moment to capitalize on given how much time people spend…

Embedded Sensors and the Wearable Personal Cloud

Embedded Sensors and the Wearable Personal Cloud

The Wearable Personal Cloud Wearable tech is one avenue of technology that’s encouraging cloud connections and getting us all onto interconnected networks, and with the continued miniaturization and advancement of computing the types of wearable tech are always expanding and providing us with new opportunities. A few years ago, smartwatches were rather clunky devices with…

SWIFT Says Bank Hacks Set To Increase

SWIFT Says Bank Hacks Set To Increase

Bank Hacks Set To Increase SWIFT, whose messaging network is used by banks to send payment instructions worth trillions of dollars each day, said three clients were hacked over the summer and cyber attacks on banks are set to increase. The theft of $81 million in February from Bangladesh’s central bank using SWIFT messages rocked…

Security: Avoiding A Hatton Garden-Style Data Center Heist

Security: Avoiding A Hatton Garden-Style Data Center Heist

Data Center Protection In April 2015, one of the world’s biggest jewelry heists occurred at the Hatton Garden Safe Deposit Company in London. Posing as workmen, the criminals entered the building through a lift shaft and cut through a 50cm-thick concrete wall with an industrial power drill. Once inside, the criminals had free and unlimited…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing the risks. However, the risks are real and account for billions of dollars in losses across the globe per year. If you’ve been hacked, you’re not alone. Here are some other companies in the past…

Are CEO’s Missing Out On Big Data’s Big Picture?

Are CEO’s Missing Out On Big Data’s Big Picture?

Big Data’s Big Picture Big data allows marketing and production strategists to see where their efforts are succeeding and where they need some work. With big data analytics, every move you make for your company can be backed by data and analytics. While every business venture involves some level of risk, with big data, that risk…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

Cloud Infographic – Monetizing Internet Of Things

Cloud Infographic – Monetizing Internet Of Things

Monetizing Internet Of Things There are many interesting ways in which companies are looking to connect devices to the cloud. From the vehicles to kitchen appliances the internet of things is already a $1.9 trillion dollar market based on research estimates from IDC. Included is a fascinating infographic provided by AriaSystems which shows us some of the exciting…

Surprising Facts and Stats About The Big Data Industry

Surprising Facts and Stats About The Big Data Industry

Facts and Stats About The Big Data Industry If you start talking about big data to someone who is not in the industry, they immediately conjure up images of giant warehouses full of servers, staff poring over page after page of numbers and statistics, and some big brother-esque official sat in a huge government building…

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Cloud Compliance  Regulatory compliance is an issue that has not only weighed heavily on the minds of executives, security and audit teams, but also today, even end users. Public cloud adds more complexity when varying degrees of infrastructure (depending on the cloud model) and data fall out of the hands of the company and into…

The Cloud Above Our Home

The Cloud Above Our Home

Our Home – Moving All Things Into The Cloud The promise of a smart home had excited the imagination of the movie makers long ago. If you have seen any TV shows in the nineties or before, the interpretation presented itself to us as a computerized personal assistant or a robot housekeeper. It was smart,…

Cloud Infographic – Cloud Public, Private & Hybrid Differences

Cloud Infographic – Cloud Public, Private & Hybrid Differences

Cloud Public, Private & Hybrid Differences Many people have heard of cloud computing. There is however a tremendous number of people who still cannot differentiate between Public, Private & Hybrid cloud offerings.  Here is an excellent infographic provided by the group at iWeb which goes into greater detail on this subject. Infographic source: iWeb

Cloud Computing Checklist For Startups

Cloud Computing Checklist For Startups

Checklist For Startups  There are many people who aspire to do great things in this world and see new technologies such as Cloud computing and Internet of Things as a tremendous offering to help bridge and showcase their ideas. The Time Is Now This is a perfect time for highly ambitious startups to make some…