(ISC)² 2015 Global Information Security Workforce Study (GISWS) Results: U.S. Federal Government


1 (ISC)² 2015 Global Information Security Workforce Study (GISWS) Results: U.S. Federal Government

2 Global Study Objectives & Project Background

3 Study Objectives: (1) To obtain feedback from the (ISC)² members regarding certification, training and educational requirements for their organizations and their professional development. (2) To identify trends and issues related to information security from both members and non-member security professionals. (3) To understand potential gaps in organizational security. (4) To forecast what positions will be most highly sought after in the next 3 to 5 years.

4 Research Background: The information security profession continues to undergo shifts as a result of a constantly changing regulatory environment and increasingly sophisticated and emerging new threats. (ISC)² has committed itself to maintaining its leadership role and growing its membership base in key geographic regions in which it is currently underrepresented. Bi-annual study; 7th GISWS, first one released in 2004. In partnership with Booz Allen Hamilton, Cyber 360 Solutions and NRI Secure Technologies; conducted by Frost & Sullivan. Likely the largest study of the information security profession ever conducted, the GISWS is comprised of nearly 14,000 information security professionals worldwide.

5 Research Background (continued): Of the nearly 14,000 respondents, 11,208 were (ISC)² members and 2,722 were non-members. Conducted using an online, web-based survey using the (ISC)² membership list. Email invitations to complete the survey were sent out to (ISC)² members between October 2014 and January 2015. Source: Frost & Sullivan.

6 U.S. Federal Government Results

7 U.S. Federal Government Composition. Sample: U.S. Federal Government (military, armed forces, defense): 1,099; U.S. Federal Government (excluding military, armed forces, defense): 727; total U.S. Federal Government: 1,826.

8 Profile: U.S. Federal Government. Gender composition of workforce: 86% male and 14% female. Education: 41% have degrees and an additional 47% have advanced degrees. Average salary: $112,000. Average years of experience: 15. Reporting structure (top 3): 24% to Security Department, 24% to Executive Management, and 18% to IT Department.

9 Assessment of U.S. Government Information Security: Better or Worse?

10 Assessment of U.S. Government Information Security. QG5a. Overall, is the government's information security better or worse off than a year ago? Base: Filtered respondents (n=975). 5% increase since 2013.

11 Reasons for Improved U.S. Government Security. QG5b. Why do you say that government security is better off than a year ago? Base: Filtered respondents (n=441)/(n=725).

12 Reasons for Reduced U.S. Government Security. QG5c. Why do you say that government security is worse off than a year ago? Base: Filtered respondents (n=174).

13 Impact of Information Security Metrics, Tools and Technologies

14 Useful IT Security Metric Tools. QG8. Which of the following IT security metric tools do you find useful? Select all that apply. Base: Filtered respondents (n=974).

15 Technologies Improving Security Activities in U.S. Government. Q33b. What security technologies do you believe will provide significant improvements to the security of your organization? Select as many as you feel apply. Base: Filtered respondents (n=1,059).

16 Effectiveness of U.S. Government Initiatives. Q33f. Please rate the effectiveness of each of the following government initiatives in providing security guidance and standards. Base: Filtered respondents (n=1,058)/(n=1,611).

17 Implementation of NIST Cybersecurity Framework. Q33h. In 2014, the United States government released the Framework for Improving Infrastructure Cybersecurity. Has your company adopted any of the measures outlined in this framework? Base: Filtered respondents (n=2,983). Note: This base size represents all U.S. respondents who do NOT work for the Federal government.

18 Attitudes Toward Mandated Security Requirements. QG7. How much do you agree that the government should include specific, mandatory security requirements in every major IT procurement? Base: Filtered sample (n=975). 81% agree there should be security requirements for every IT procurement.

19 Threat Response

20 U.S. Government Threat Response. Q33a. If your organization's systems or data were compromised by a targeted attack, how quickly do you predict it would take to remediate the damage? Base: Filtered sample (n=1,059). 21% say threat remediation would take a week or more. U.S. Private Industry: 18%, 43%, 4%, 13%, 5%.

21 U.S. Government Top Security Threats. Q30. Thinking about your own organization, please rate the following potential security threats on the degree of concern you have for each. Top two box scores. Base: Filtered respondents (n=1,059).

22 Workforce & Funding

23 Number of Security Workers in U.S. Government. Q28a. Would you say that your organization currently has the right number of information security workers, too few, or too many? Base: Filtered respondents (n=1,059)/(n=1,821).

24 Impact of Worker Shortage in U.S. Government. Q28e. What is the impact of your organization's shortage of information security workers on each of the following? Top two box scores. Base: Filtered respondents (n=632).

25 Reasons for Worker Shortage in U.S. Government. Q28d. What are the reasons that your organization has too few information security workers? Select as many as apply. Base: Filtered respondents (n=632)/(n=1,049).

26 Average Salary in U.S. Government. Q66. Which of the following includes your current annual salary in U.S. dollars before taxes? Base: Filtered sample (n=1,802)/(n=1,798). 2015 U.S. private sector: $118,000.

27 Salary Change in U.S. Government. Q67. Did you receive a salary increase, including benefits and incentives, in 2014? Base: Filtered sample (n=1,802)/(n=1,798).

28 U.S. Government Projected Change in Overall Spend. Q16b. Do you expect overall information security spending at your organization to increase, decrease, or remain the same? Base: Filtered respondents (n=1,826).

29 Confidence in Legislators Providing Funding for Cybersecurity. Q33l. How confident are you that your country's legislators understand the importance of security enough to provide sufficient funding to support your key information security initiatives? Base: Filtered sample (n=401). 58% not confident.

30 Skills, Training & Education

31 Important Skills in New Hires in U.S. Government. Q19b. When making hiring decisions for information security staff, how important is each of the following? Top box scores. Base: Filtered respondents (n=237).

32 Future Skills and Competencies in U.S. Government. Q25. What are the skills and competencies that you will need to acquire or strengthen to be in position to respond to the threat landscape over the next three years? Select all that apply. Base: Filtered respondents (n=1,059).

33 Demand for Training and Education in U.S. Government. Q23. In which areas of information security do you see growing demand for training and education within the next three years? Base: Filtered respondents (n=1,826)/(n=1,821).

34 Cloud Computing

35 Prioritization of Cloud Computing. Q57. To what extent is cloud computing a priority for your organization now and in the future? Top two box scores. Base: Filtered sample (n=1,171).

36 Cloud Migration Due to FedRAMP. QG12. Have FedRAMP's baseline security controls enabled your agency to migrate systems more securely to the cloud? Base: Filtered sample (n=1,077).

37 New Skills for Cloud Computing. Q61c. What skills will be required for dealing with cloud computing? Select as many as apply. Base: Filtered respondents (n=810).

38 U.S. Government Frequency of Security Scans on Application. Q40. Please indicate the frequency with which security scans are conducted on the following applications. Always. Base: Filtered respondents (n=1,059).

39 Security Concerns in the U.S. Government When Implementing Cloud. QG10. How much of a security concern is each of the following for your government department agency when implementing cloud computing? Top two box scores. Base: Filtered respondents (n=1,078).

40 SUMMARY OF CONCLUSIONS

41 The key conclusions offered by the 2015 U.S. government-specific findings include: (1) As predicted, the gap between the need for qualified information security professionals and the supply is having a negative impact on U.S. government security readiness and is only getting worse. (2) The U.S. government has spent a lot of time, money and effort on policies, programs and tools designed to improve its security posture, but thus far there has been little return on that investment. (3) Although procurement and acquisition are cited as moments of great vulnerability, there remains very little focus on applying security during the supply chain process.

42 Questions?

