PROTECTING YOUR ORGANIZATION IN A TALENT-SCARCE MARKET Information Security 2PROTECTING YOUR ORGANIZATION IN A TALENT-SCARCE MARKET INTRODUCTION Recent high profile security breaches have moved information security from a hidden corner of the IT function to front page international news. It has become a topic of strategic importance to both business and society. As organizations grapple to fnd solutions, they now face a widening security talent shortage that further complicates an already complex situation. Based on recent global IT skills research1 conducted by Experis across 10 major markets, this paper explores the impact of the security talent shortage, providing insights into the issues, along with guidance on how to minimize the associated risks. The Experis global research was based on information gathered from those whose responsibilities included hiring decisions. One of the key fndings of the research is that 32% of IT leaders mentioned information security as an in-demand and hard- to-fnd skill, both today and over the next 12 to 18 months. This compares to 18% with respect to software development, which was the next most popular skill. Access to adequate information security resources was identifed as a primary concern of IT respondents, highlighting the increasing criticality of acquiring and retaining information security talent. 1— Experis IT Skills Research 2015 IT IS NO LONGER A QUESTION OF WHETHER INFORMATION SECURITY BREACHES WILL HAPPEN, IT IS A QUESTION OF “WHEN” AND “HOW MUCH” 1/3 of IT leaders see information security as an in-demand and hard skill to fnd. 淘宝店铺 “Vivian研报” 首次收集整理 获取最新报告及后续更新服务请在淘宝搜索店铺“Vivian研报” 或直接用手机淘宝扫描下方二维码 PROTECTING YOUR ORGANIZATION IN A TALENT-SCARCE MARKET3 Security under the spotlight More than ever before, information security and the impacts of breaches have become mainstream topics of conversation. The seemingly endless parade of high profle cases in leading retail companies, fnancial institutions and government organizations is also serving to educate the public on the real impacts security failures have at the personal, professional and company level. Even mainstream media is embracing the theme, with prime time programs such as CSI: Cyber and Mr. Robot , which incorporate different fctional cyber threat scenarios derived from real stories. Whether the original goals of recent cyber-attacks were fnancial, political or personal, the net effect is an increasing number of C-suites and Boards of Directors who fnd themselves forced to redirect more and more resources every year toward dealing with information security threats. This has resulted in increased demand for information security talent, especially for the high-level expertise needed to plan and execute security strategies. Such strategies are required to combat the increasingly sophisticated threat environment that most organizations are facing. 38% increase of security breaches in 2015 vs.2014. CURRENT SITUATION $3.8 MILLION average consolidated total cost of a data breach. since 2013 23% since 2013 6% $154 cost incurred for each lost/stolen record with sensitive information. 4PROTECTING YOUR ORGANIZATION IN A TALENT-SCARCE MARKET Keeping up with technological advances Technology advances, coupled with increased interconnectedness, have provided society with tangible benefts. Clearly, the emerging “Internet of Things” that promotes interconnecting every device has produced an explosion in the creation and exchange of information. Virtualization, cloud computing and the expansion of processing power and data bandwidth in handheld devices have enabled the creation, collection and sharing of various forms of personal, private and corporate information, often through entirely new business models. Unfortunately, many users and providers have failed to understand (and deal with) the consequences of improperly protecting this information, and have, unwittingly in many cases, created vast collections of personal and private data that are ideal targets for cyber attacks. In addition, the growing BYOD (Bring-Your-Own-Device) culture has created an environment where most asset management capabilities are inadequate to control the devices used in the workplace. This has resulted in operational inconsistencies that quickly have become security vulnerabilities. Clearly, the strong perimeter security architecture, beloved by many CIOs, can no longer adequately protect the business processes and information. However, providing more advanced governance that goes beyond simply locking down users through frewalls and network controls requires security talent that many organizations just don’t possess. “Many users and providers have failed to understand (and deal with) the consequences of improperly protecting this information...” Experis 。。。以上简介无排版格式，详细内容请下载查看