Finding and retaining workers in IT security continues to be a challenge for organizations, though IT professionals report a modestly increased shortfall of skilled security workers, compared to last year, according to the 2019 Cyberthreat Defense Report from CyberEdge.

The report, published Tuesday, indicates that talent shortages are the second-highest concern among security decision-makers surveyed in the report, with 84.2% of respondents indicating their organizations are having difficulty filling security roles, an increase from 80.9% in 2018.

SEE: Research: As overseas business operations grow so do concerns over cyberwarfare and cybersecurity (Tech Pro Research)

The following IT security roles are most difficult for organizations to fill, according to the report:

  1. IT security administration (34.3%)
  2. Security architect (28.2%)
  3. Security analyst/incident responder (27.6%)
  4. Application security tester (22%)
  5. Compliance auditor (21.6%)

The education market is the most affected by these shortages, with 91.3% of respondents in that field indicating difficulty filling roles. Government and healthcare (81.8% and 81.9%, respectively) are the least affected.

There is noticeable regional disparity–94% of respondents in Japan cited difficulty filling those positions. Wages for IT careers are substantially lower in Japan than in other countries, with attempts to raise wages generally in Japan falling short of expectations. Likewise, Saudi Arabia and Singapore disproportionately reported difficulties filling IT security positions.

Oddly, the report also notes that despite the difficulty in filling those positions, Japan appears to fare substantially better in security than Saudi Arabia, with 87.8% of respondents in the kingdom indicate falling victim to a ransomware attack in the last 12 months, though only 37.8% of respondents in Japan reported the same.

Brazil (65.6%), Germany (74.3%), and Australia (76.1%) were the least impacted by shortages in IT security workers.

For more on security, check out “Why data security is now a top concern for IT leaders,” and “3 emerging technologies IT pros aren’t skilled enough to manage.”