We've heard a lot in the last couple of years about the skills shortage, and the associated challenges with recruiting skilled staff in cybersecurity. It's often said that security is founded on the triad of people, process and technology, and while technology is the enabler, without the skilled individuals who can configure it to deliver the appropriate results, and/or interpret what it is telling them, the triad is going to fall over.
Interesting too that this concern scored higher with CISO's than the actual outcome of that lack of staff - i.e. a successful cyberattack. Perhaps by investing more in the people element of security, the triad can be strengthened, and the technology investments can provide a more robust return.
The top concern among CISOs for 2018 falls outside the typical realm of attacks, employee negligence, or staffing shortages, according to findings released this week in a Ponemon Institute Survey. The top concern: "lack of competent in-house staff."