Cloud computing: Security staff lack right skills

Businesses are taking to the cloud without ensuring their IT security staff are trained to cope...

IT security professionals lack the skills to cope with the widespread adoption of new technologies, including cloud computing, according to a survey by research firm Frost & Sullivan.

The report found that businesses are pushing ahead with technologies such as cloud computing, social networking and mobile devices, even though many of their IT security specialists have not been trained to work with them.

IT security professionals require detailed training in cloud computing to keep up with business adoption of cloud services

IT security professionals require specific training in cloud computing to keep up with business adoption of hosted services
Photo: Shutterstock

Cloud computing is seen by businesses as an effective way of reducing IT costs and increasing flexibility but several security issues remain barriers to cloud adoption, including compliance and data protection.

Analyst house Gartner forecasts that revenue from cloud computing will increase by 19 per cent in 2011 as more businesses adopt cloud services, and the survey by Frost & Sullivan suggests IT professionals do not have the skills to cope with this increase.

Half of the IT security professionals surveyed by Frost & Sullivan said they had private clouds in place with more than 40 per cent using software as a service (Saas), but more than 70 per cent thought they needed new skills to secure cloud-based technologies properly.

The Frost & Sullivan report also found that of all the challenges faced by the IT security industry, cloud computing was the one area where security professionals said there was a need for more training because the skills required differ from traditional security skills. Of those surveyed, 92 per cent of IT security professionals said they required training that would give them "a detailed understanding of cloud computing".

Mobile devices represented the second highest area of concern among the security professionals surveyed, with 66 per cent rating mobile devices as a top or high concern, even though they also reported having policies and tools in place to deal with them. Frost & Sullivan believes this means "mobile security could be the single most dangerous threat to organisations for the foreseeable future".

Social networking was also highlighted as a challenge, with the survey finding that security policies for social networking were inconsistent. Just under 30 per cent of IT security professionals reported that they had no organisational restrictions on the use of social media.