Search
Close this search box.

Cyber Security is a ‘people problem’ says IISP Survey

Over 80 percent of security professionals identify ‘people’ as the industry’s biggest challenge compared to technology and processes, according to the results of the second annual survey from The Institute of Information Security Professionals (IISP). Comment from Piers Wilson, author of the report and Director at the IISP.
Cryptocurrency

Over 80 percent of security professionals identify ‘people’ as the industry’s biggest challenge compared to technology and processes, according to the results of the second annual survey from The Institute of Information Security Professionals (IISP). Comment from Piers Wilson, author of the report and Director at the IISP.

The survey also indicates that while 60 percent of respondents still feel that investment is not keeping pace with threat levels, there was a modest 5 percent increase in businesses that feel better placed to deal with a breach or incident if it happens. In real terms, spending does appear to be on the rise with 70 percent of companies seeing an increase in budget, up from 67 percent and only 7 percent reporting a reduction, which is down from 12 percent last year.

While people have long been seen as the weakest link in IT security through lack of risk awareness and good security practice, the people problem also includes the skills shortage at a technical level as well as the risk from senior business stakeholders making poor critical decisions around strategy and budgets. Interestingly, the increase in reported skills shortages contrasts with a decrease in those reporting a lack of experience being a market factor. This suggests that as the industry matures the shortage of experienced, senior managerial professionals will reduce and the problem will be felt most acutely in the hands-on technical disciplines.

“The survey highlights the continued need for industry, government, academia and professional organisations like the IISP to continue to work hard to attract new entrants and younger people into the industry,” said Piers Wilson, author of the report and Director at the IISP.  “This year, over 75 percent of respondents had a degree and over a third had a post graduate Masters Degree – an increase of over 5 percent, reflecting the increasing number of university programmes. While this is very encouraging, we also need to develop other routes into the industry to harness talent from diverse backgrounds.”

“It is still the case that technical IT security disciplines don’t always get their share of respect, yet these are the people at the front line defending systems and companies from attack and keeping one step ahead of the cyber criminals,” adds Wilson. Despite a lack of wider recognition, the security industry is increasingly lucrative and provides a strong career path for those with the right skills and abilities.  Some three-quarters of respondents reported positive job and career prospects, with 28.6 percent earning between £50 to £75k and almost 20 percent on salaries over £100k.

“The challenges around hiring and retention are putting an upward pressure on salaries,” says Piers Wilson. “But while money and career opportunities were cited as the most common reasons for taking and leaving jobs, other factors include variety of work, management and company culture, research and learning and autonomy. Many of the figures in this year’s survey show a step in the right direction,” says Piers Wilson, “The continuing high frequency of cases hitting the headlines and the regulatory pressures, including from GDPR, are leading to a corresponding increase in investment and a drive for increased skill, experience, education and professionalism. However, there is still a lot of work to do and we need to redouble our efforts to meet the challenge of increasingly sophisticated threats.” Along with surveying its diverse membership of over 2,500 people, this time the IISP opened the survey up to non-member security professionals. The respondents to the survey represent a wide range of ages, experience and industry sectors and so provide a very accurate picture of the state of UK businesses in terms of skills shortage issues, the state of security preparedness and risk awareness.

Read more

Latest News

Read More

AI in the workplace: time to ‘get in the game or watch from the side-lines’

22 February 2024

Newsletter

Receive the latest HR news and strategic content

Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

Latest HR Jobs

University of Liverpool – Directorate of People and Services – Human Resources DepartmentSalary: £38,205 to £44,264 per annum

Solihull College & University CentreSalary: £28,086 pa – up to

They are now looking for an experienced Employment Solicitor with at least 7 years PQE or Legal Executive to head up their Employment and HR

As the Head of HR, you will play a vital role in ensuring the organisation has the correct quantity and quality of people performing to

Read the latest digital issue of theHRDIRECTOR for FREE

Read the latest digital issue of theHRDIRECTOR for FREE