The definitive discussion of the skills shortage
As I've mentioned before, I believe that what you hear about a critical shortage of information security professionals is complete and total nonsense. It seems that a recent article on the IEEE Spectrum web site comes to roughly the same conclusion, although they're talking about the more general case of employers having trouble finding the right people.
A quick summary of what's happening is that employers are doing a terrible job in looking for potential employees. And they're suffering for it. And the problems are exactly the ones that your common sense would tell you exist.
This particular article is an interview with Peter Cappelli, a professor at Wharton, and in it Cappelli talks about his recent book Why Good People Can't Get Jobs: The Skills Gap and What Companies Can Do About It, which takes a closer look at this very topic. It's certainly looks like something that HR people should take a look at.
As I've said before, market forces will usually correct problems like what's being perceived as a shortage of information security professionals, but market forces can also be somewhat harsh in how they get to the right solution and can cause lots of pain as they do this. Cappelli's suggestion seems to be that to avoid this pain that you should do pretty what common sense tells you that you should do.
But that's not what HR people are doing right now, and that's pretty much the root of the current problem.