Mind The Gap: Surviving The Technical Security Skills Crisis
Principal Analyst serving Security & Risk Professionals
Forrester Research, Inc.
Andrew's research contributes to Forrester's offerings for the Security & Risk Professional. He is a proven security leader, capable of transforming security teams into highly effective groups and driving efficiencies to deliver results with limited resource. Andrew is a leading expert in information security and risk management, ISO27001 frameworks, supplier review, and business engagement; information security policy development; information security strategy; and governance, risk, and compliance (GRC) initiatives.
Prior to joining Forrester, Andrew was a CISO in the legal sector. He transformed security management for two major global firms, revising policies, setting strategy, introducing IT audit, and developing the maturity of the security teams. Ultimately, he led both firms to ISO27001 certification. Andrew was chairman of the Legal Security Forum, the industry's information security special interest group, and worked with the industry regulators to define and communicate best practices. Before entering the legal sector, Andrew worked in the insurance industry providing security consultancy and developing IAM teams. He has been a regular columnist for several risk-focused magazines and recently retired from the UK ISSA Executive Advisory Board.
Andrew holds a master's degree in information security from Westminster University. Andrew is also a certified information systems security professional (CISSP), a certified information security manager (CISM), certified in risk and information systems control (CRISC), and a trained ISO27001 lead auditor.
Researcher, Serving Security & Risk Professionals
Forrester Research, Inc.
Nick is a Researcher serving Security & Risk Professionals. His research is dedicated to the organizational and strategic elements of building a successful governance, risk management, and compliance (GRC) program, including a focus on culture, communications, and other human aspects of GRC. Specific areas of expertise include how organizations can improve corporate culture as well as best practices for dealing with the emerging risk and compliance challenges of social media. Nick works with clients to understand industry benchmarking data and best practices to implement effective change. In addition to the focus areas described above, he has experience delivering consulting and advisory work in areas including enterprise and IT risk management, information security program effectiveness, security awareness, and security services.
Previous Work Experience
Prior to his current role as a researcher, Nick was a senior research associate on Forrester's Security & Risk team. In that role, he interviewed hundreds of IT professionals and technology vendors while conducting primary and secondary research for Forrester reports and consulting engagements. Before joining Forrester, Nick studied government at Wesleyan University with a focus on international politics, working on topics such as international security and foreign policy.
Nick graduated from Wesleyan University with a B.A. in government.
Director - North American Security Consulting and Delivery
Jack Danahy is the Director for North American Security Consulting and Delivery at IBM. Previously, Jack was IBM’s Director for Advanced Security, and is an international speaker and writer on topics of software, system, and data security. Jack is the original founder and CEO of two successful security software companies: Ounce Labs, sold to IBM in July of 2009, and Qiave Technologies, sold to WatchGuard Technologies in 2000. He holds five patents in a variety of security technologies including secure distributed computing, software analysis, and secure system management. He is a distinguished fellow in the highly respected Ponemon Institute, a Computerworld Honors Laureate, and has contributed to the development of legislation on computer security in both the U.S. House and Senate. He is concerned and active within the public and private sectors on issues of cyber security, secure systems development and acquisition, and the strategic balance between business needs and security controls.
Are you having a hard time finding and hiring qualified IT security staff – and retaining them on staff? If so, you are not alone. There is a widespread technical security skills crisis, and the situation is not going away any time soon. Forrester and IBM, in a joint research study, have probed deeper into this problem to offer solutions.
Join this webinar to hear from Andy Rose (Principal Analyst, Security & Risk group – Forrester Research), Nick Hayes (Lead Researcher, Security & Risk group – Forrester Research), and Jack Danahy (IBM Security Services executive) as they discuss the security skills gap and insights gained from the recent research study. As you struggle to increase security funding and headcount, this webinar will help you make the case for both. Attend this webinar to learn:
- How this problem puts your company at risk – today, 92 percent of security decision-makers report that staffing issues are contributing to heightened levels of risk
- The prognosis of the industry – the situation is only getting worse, say survey participants
- The future of IT security – forward-thinking security leaders are looking to new solutions and approaches, including partnering with managed security services providers (MSSPs)
Attend this webinar to hear key recommendations for preparing for a future when technical skills will be in even higher demand.