IT Staffing Report: Sept. 10, 2015

Print

Information security talent shortage is at the senior level, survey finds

The real problem with the perceived talent shortage in information security is retention and churn at the higher levels, according to a survey by IT and security executive networking firm T.E.N. and International Data Corporation.

At the entry levels, where expectations for new hires are basic, the survey found filling a position takes about three months. However, the talent shortage comes at the higher experience levels, those that start after about 10 years, according to the report. The skill set demanded by higher-level practitioners is significantly more complex, and demands for the positions much higher; positions at this level often take 18-plus months to fill, according to the survey.

“We talk a lot about the security job shortage and the need for education,” said Pete Lindstrom, IDC’s research director, security products. “But the real problem is burnout and churn. Our field must rethink the way it handles incidents and treats [chief information security officers] to move forward as a profession.”

According to survey, chief information security officers and senior security level practitioners typically have approximately 25 years of work experience with 15 years in the field of security. The survey also found that respondents have changed jobs on average more than six times over the course of their careers. “Finding the best candidate requires more than a position description; it requires robust industry knowledge, a practical understanding of the CISO/CSO role, and a proactive, innovative approach built on trust, collaboration and confidentiality,” said T.E.N. CEO and President Marci McCarthy. “The results of this survey show that matching an executive to the organization is the best solution for chronic churn in the security job market.”

The survey included 155 chief information security officers and other senior information security executives.