Experience Tops Skills for Security Roles

Tuesday, March 14, 2017 @ 03:03 PM gHale

Cybersecurity skills shortage is rampant and everyone know it, but instead of worrying about finding bodies to fill open positions, more people are placing more importance on experience than qualifications, a new report found.

Ninety-three percent of respondents place importance on experience rather than qualifications when it comes to hiring, according to a survey conducted by FireMon at the RSA Conference. In addition, 73 percent said it didn’t matter whether IT staff were college graduates when it came to getting the job done.

Security Device Market Growing: Report
IIoT Attacks Coming: Report
Use of Ransomware Skyrockets
Robots: Design in Security

The survey looked at the attitudes of 350 IT security professionals. Key elements of the survey found:
• 93 percent of IT professionals think experience is more important than qualifications
• 73 percent said it didn’t matter if IT staff were college graduates or not
• 50/50 split on whether it was better to have good communications skills or the best technical skills
• 90 percent said IT people needed to become more business savvy in order to keep up 
• 1/3 of respondents would like to see more intelligent products

“Combatting the skills gap does not lie solely with more people getting degrees and certifications,” said Jeremy Martin, vice president of engineering, FireMon. “Experience has been shown to be much more important, which could be good news for security-minded folks who learn by experimenting with code and tearing apart systems. That is not to diminish those with qualifications, but instead to encourage those with real-world experience to apply for the IT security jobs they think they might not otherwise get.”

It was also good news for those IT professionals who have good communication skills, but perhaps not the best technical skills, as respondents split down the middle as to what was more important. Another 90 percent of IT security professionals surveyed agreed in order to keep up with the rapidly changing threat landscape, IT security professionals would have to become more business savvy.

“Good communication skills can’t be overlooked,” Martin said. “We need people with those skills to become facilitators to the business. The key to the skills gap will be identifying these opportunities and matching them with individuals who can relay the IT security messages to the rest of the company or senior management in ways that makes sense in business terms.”

A final key finding was that a third of respondents said they could use more intelligent IT security products. With more intuitive technology, staffing resources could end up freed from mundane tasks to focus their knowledge where it really counts.

“With all of the complexity surrounding IT security infrastructure, from the various security technologies, routers, switches, firewalls and so forth, finding ways to make management tools and workflows more intelligent can shoulder some of the burden and fill in interim staffing gaps,” Martin said.

Leave a Reply

You must be logged in to post a comment.