Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

New Trustwave Study Shows 57 Percent of IT Security Professionals Struggle to Find Talent

Study Reveals Corporate Security Demands Outpace Available Talent at Alarming Rates

CHICAGO - January 18, 2017 - Trustwave and Osterman Research today released results of a new study on cybersecurity resource limitations that quantifies the challenges businesses face around recruitment of IT security talent, identification of the skills sets they require, the level of control they have over their IT security budgets, and other pertinent matters related to IT security management. The study reveals that corporate security demands still outpace the available talent at alarming rates.

Based on an Osterman Research survey of 147 IT security decision makers and influencers, the study shows that a fast-moving confluence of skills shortages, worsening threats and disproportionate spending habits is leaving organizations increasingly vulnerable to data breaches, malware, phishing and a variety of other information security problems that can have serious or even devastating consequences.

According to the study, 57 percent of respondents say finding and recruiting IT talent are their biggest challenges. In fact, only eight percent believe three-quarters or more of their staff have the specialized skills and training needed to handle complex issues. The report also shows that throwing bodies at the problem doesn't cut it -- more than three times as many respondents would rather grow their staff's skills and expertise than grow the number of people on their team. Further, skills are lacking in key areas with about 40 percent of respondents saying their most inadequate skill sets are in emerging and evolving security threats.

Trustwave Senior Vice President of Managed Security Services Chris Schueler, commenting on the study, said "The shortage of staff able to solve complex security issues is an industry problem that continues to worsen, but the way organizations are going about filling this void is all wrong. Typical recruiting methods are not proving fruitful yet we keep seeing enterprises simply throwing bodies at the problem when what is really needed is better staff training, more budget support to hire the right personnel and additional assistance from experienced third-party experts to help amplify the more complicated and demanding areas of security like testing, monitoring and incident response."

Other key findings from the "Money, Minds and the Masses: A Study of Cybersecurity Resource Limitations" report include:

  • A good IT security staffer is hard to find - Finding and recruiting talented IT security staff members with the right skill sets is a "significant" or "major" challenge for 57 percent of organizations. Retaining these people is also viewed as a difficult problem by more than a third of respondents.
  • Most lack essential skills and training - The majority of respondents believe that less than one-half of their IT security departments have the specialized skills and training to handle complex issues. Only one in nine respondents believe it is "very likely" they will have IT security staff available to meet their security demands in the future.
  • A perception of high turnover among IT security staff - Thirty-six percent of respondents say turnover is higher among IT security professionals than in other parts of the organization.
  • Most lack full control over their IT security budgets - Only 24 percent of respondents say they have complete control over their annual IT security budget. While another 51 percent they have partial control.
  • Some have little to no control - More alarming, 24 percent believe they have little to no control over their IT security budgets. Seven out of 10 organizations report disagreements between IT and senior management on budget and staffing issues.
  • IT security pros have difficulty anticipating future skills needs - One-third of respondents say they have trouble identifying the IT security skills and competencies they need. Nearly half believe the problem will get worse.

Osterman Research President Michael Osterman said, "We are in a time where organizations are facing a serious shortage of IT security staff members, both in the number available to fill vacant positions, and in terms of specialized skill sets that these individuals need to have. Failure to source IT capabilities can lead to a range of problems, resulting in data breaches and compliance violations. Organizations need to ensure their IT departments establish a close relationship with senior management to find ways to solve these shortcomings, whether by finding the right individuals or through hiring managed security services providers that can help address the gaps and increase protections."

"Trustwave has the industry's leading approach and tools to identify, prevent and remediate illegal e-commerce activity," said Michael Petitti, senior vice president of global alliances at Trustwave. "Integrating the new transaction laundering detection service into our web risk monitoring service offers acquiring banks, processor, gateways and ISOs a powerful tool to help protect their reputation and comply with card brand standards. With more than 20 years of experience in the payment industry, Trustwave is proud to help these organizations expand their risk mitigation capabilities and provide additional security services to their merchants."


Osterman Research conducted an online, primary market research survey in August and September 2016 using its survey panel of IT decision makers and influencers. A total of 147 surveys were completed. To qualify for the survey, respondents had to be decision makers, influencers or recommenders in the context of their organization's IT security infrastructure and management. Of the 147 who completed the survey, 74 were decision makers, 49 were influencers and 24 were recommenders.


To download a complimentary copy of "Money, Minds and the Masses: A Study of Cybersecurity Resource Limitations," which includes recommendations, visit:


Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit


All trademarks used herein remain the property of their respective owners. Their use does not indicate or imply a relationship between Trustwave and the owners of such trademarks.

Latest News Releases

Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in Public Sector

Chicago – May 14 – Trustwave, a leading cybersecurity and managed security services provider, today released a comprehensive report titled "2024 Public Sector Threat Landscape: Trustwave Threat...

Read More

Trustwave Named as a Leader in the 2024 IDC MarketScape for Worldwide Emerging MDR Services

Chicago – May 7, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today announced its placement in the Leaders Category in the IDC MarketScape: Worldwide Emerging...

Read More

Trustwave Welcomes Keith Ibarguen as Senior Vice President of Engineering

Chicago – May 2, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today announced the appointment of Keith Ibarguen as Senior Vice President of Engineering. In this...

Read More