SCARY: The Skills Required for Cybersecurity Have Changed

Cyber-threats are a real and pervasive threat for enterprises, but what are they doing about it? Turns out, not much - at least when it comes to hiring those that have the necessary skills to put up a fight (or at least a good defense).

Security and compliance solution Tripwire, for example, has published a study that reveals some 93 percent of security professionals are concerned about the cybersecurity skills gap, and 72 percent believe it is more difficult to hire skilled security staff today that it just two years ago. And making matters worse, 81 percent believe that the skills required to be a great security professional have changed in the past few years.

Other notable highlights of the study include that 20 percent of respondents indicated their organizations had hired people with expertise not specific to security over the past two years; while 17 percent stated they plan to do the same in the next two years. Fortunately, Tripwire's study also found that 50 percent plan to invest more heavily in training their existing staff to help with the looming skills shortage. So, no need to panic just yet.

"It's evident that security teams are evolving and maturing with the rest of the cybersecurity industry, but the pool of skilled staff and training simply aren't keeping up," said Tim Erlin, vice president of product management and strategy at Tripwire.

"For example, beyond their technical duties, security practitioners may now be expected to spend more time in boardrooms or in the CFO's office to secure more budget. While the makeup of the cybersecurity workforce may be changing, the fundamentals of protecting an organization have not. It will be critical during this transition to ensure there's a long-term strategy in place around maintaining their foundational security controls."