Customers don't have the skilled staff to man the security barricades

It has become increasingly clear over the past year that the problems that users are encountering finding staff with security skills leaves a gap that the channel could be in a position to fill.

Those channel players that have been able to build up a team of experts are in a strong position and have a sizeable market base to go after, according to Gartner.

The analyst house has found that although almost all CIOs it quizzed expected cyber threats to increase in the next three years only 65% had a security expert on the payroll.

Gartner's 2018 CIO Agenda Survey revealed that across the globe security is a top concern and not a problem that is going to go away anytime soon.

"In a twisted way, many cybercriminals are digital pioneers, finding ways to leverage big data and web-scale techniques to stage attacks and steal data," said Gartner research director Rob McMillan.

"CIOs can't protect their organizations from everything, so they need to create a sustainable set of controls that balances their need to protect their business with their need to run it," he added.

The view from the analyst house is that there needs to be more focus on the R word with risk the factor that should drive behvaiour.

"Taking a risk-based approach is imperative to set a target level of cybersecurity readiness," he added "Raising budgets alone doesn't create an improved risk posture. Security investments must be prioritized by business outcomes to ensure the right amount is spent on the right things."

Vendors are moving to make it easier for resellers to help users with risk profiling and talking with MicroScope last week the CEO of SonicWall Bill Conner confirmed that was an area that it was working on to arm partners having discussions with customers.

Risks are not only going to increase because of the increased number of threats but because of the ambition of most CIOs to grow their businesses. Gartner points out that increased business means a larger ecosystem of suppliers, partners and channels and more points of attack for those with criminal intentions.

The situation is exacerbated by the skills shortage in the cyber security segment and CIOs told Gartner it was inhibiting innovation.

"Finding talented, driven people to handle the organization's cybersecurity responsibilities is an endless function," said McMillan.

Attempts to try to solve the security skills crisis have included reaching out internally in companies to staff that want to go through training as well as reaching out to groups of people that have never worked in the industry before.

“The demand for cyber security specialists is at an all-time-high. I refuse to sign up to the industry’s self-serving charade that only those with special technical skills can enter the profession," said Brian Lord, managing director at Protection Group International (PGI).

The firm has been running courses to reach out to women that have little or no cyber security experience to come up with an answer to the skills shortage.

"No-one doubts there are jobs where deep technical expertise is required, but there are many more that are either non-technical or require a basic entry level technical knowledge that can be taught.  35% of organisations are unable to fill open security jobs, even though 82% expect to be attacked this year, and the industry is killing itself by creating artificial barriers to entry for 50% of the working population," he added.