Cyber Security Talent Crunch - 3.5m Jobs Vacant

Uploaded on 2019-12-20 in JOBS-Careers, FREE TO VIEW

There is a serious shortage of cybersecurity professionals and the gap is expected to lead to at least three and a half million jobs being vacant within the next year according to the experts at Cybersecurity Ventures - an increase of 2.5 million since 2014.
 
This cyber employment figure has been validated by hundreds of media outlets, including the world’s largest, as well as industry associations, universities, governments, vendors, recruitment firms, and security experts. According to (ISC2) there are currently nearly 3 million unfilled cybersecurity jobs worldwide and employees who take on these roles play a key role in the enterprise.
 
As cybercriminals grow more sophisticated and news of major hacks reach headlines nearly daily, cybersecurity professionals are in high demand. 
 
Data breaches can cause devastating financial losses and affect an organisation’s reputation for years. From lost business to regulatory fines and remediation costs, data breaches have far reaching consequences.The annual Cost of a Data Breach Report, conducted by the Ponemon Institute and sponsored by IBM Security, analyzes data breach costs reported by 507 organisations across 16 geographies and 17 industries. hey found  the average cost of a data breach worldwide is about $3.62 million. 
 
If you are interested in pursuing a career in cybersecurity and don't know where to start, here's your go-to guide to salaries, job markets, skills, and common interview questions in the field.
 
Why is there an increased demand for cybersecurity professionals?
Cybercrime has exploded in the past couple of years, with major ransomware attacks such as WannaCry and Petya putting enterprises' data at risk. The rise of the Internet of Things (IoT) has also opened up new threats. To protect their information and that of their clients, companies across all industries are seeking cybersecurity professionals to secure their networks.
However, many enterprises face difficulties filling these positions: 55% of US organisations reported that open cybersecurity positions take at least three months to fill, while 32% said they take six months or more, according to a 2017 ISACA. And 27% of companies said they are unable to fill cybersecurity positions at all. 
 
Cybersecurity remains a relatively new field compared to other computer sciences, so a lack of awareness is part of the reason for the talent shortage, according to Lauren Heyndrickx, CISO at JCPenney. Misconceptions about what a cybersecurity job actually entails are common, and might be part of the reason few women and minorities go into the field, she added. 
 
Women now make up 24% of the cybersecurity workforce, and 45% of those women are millennials, according to an and it's likely that these numbers will continue to grow over time.
 
A job in cybersecurity can also command a high paycheck: The average salary for an information security analyst in the US is $98,350, according to the US Bureau of Labour Statistics and it's significantly higher in cities such as San Francisco and New York. 
 
The shortage of trained cybersecurity professionals has led many organisations to seek other non-traditional candidates to fill these roles. To help those interested in the field better understand how to break into a career in cybersecurity, we've pulled together the most important details and resources.
 
  • Why is there an increased demand for cybersecurity professionals? Cybercrime has exploded in the past couple of years, with major ransomware attacks such as WannaCry and Petya putting enterprises' data at risk. To protect their information and that of their clients, companies across all industries are seeking cyber professionals to secure their networks.
  • What are some of the cybersecurity job roles? A career in cybersecurity can take the form of various roles, including penetration tester, chief information security officer (CISO), security engineer, incident responder, security software developer, security auditor, or security consultant.
  • What skills are required to work in cybersecurity? The skills required to work in cybersecurity vary depending on the position and company, but generally may include penetration testing, risk analysis, and security assessment. Certifications, including Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP) are also in demand, and can net you a higher salary in the field.
  • Where are the hottest markets for cybersecurity jobs? Top companies including Apple, Lockheed Martin, General Motors, Capital One, and Cisco have all been hiring cyber professionals in recent years. Industries such as healthcare, education, and government are most likely to suffer a cyberattack, which will probably lead to an increase in the number of IT security jobs in these sectors.
  •  What is the average salary of a cybersecurity professional? The average salary for a cybersecurity professional depends on the position. For example, information security analysts earn a median salary of $98,350 per year, according to the US Bureau of Labour Statistics. Meanwhile, CISOs earn a median salary of $221,991, according to Salary.com. Salaries are significantly higher in certain cities, such as San Francisco and New York. 
  • What are typical interview questions for a career in cybersecurity? Questions can vary depending on the position and what the specific company is looking for, according to Forrester analyst Jeff Pollard. For entry and early career roles, more technical questions should be expected. As you move up the ranks, the questions may become more about leadership, running a program, conflict resolution, and budgeting. 
  • Where can I find resources for a career in cybersecurity? ISACA, (ISC2)), ISSA and The SANS Institute are national and international organisations where you can seek out information about the profession as well as certification and training options. A number of universities and online courses also offer cybersecurity-related degrees, certifications, and prep programs.
 
US Bureau of Labor:       TechRepublic:            IBM:           ZDNet:         SC Magazine
 
You Might Also Read:
 
Cyber Security Training Ans Jobs:
 
Cyber Security Training That Employees Don’t Hate:
 
 
« Cyber Spying, Digital Theft & Espionage
Cyber Security 2020 - Some Other Predictions »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Nixu

Nixu

Nixu is the largest Nordic specialist company in information security consulting.

Finnish Information Security Cluster (FISC)

Finnish Information Security Cluster (FISC)

FISC is an organization established by major Finnish information security companies to promote their activities nationally and internationally.

Sequitur Labs

Sequitur Labs

Sequitur Labs is developing seminal technologies and solutions to secure and manage connected devices of today and in the future.

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

Cyentia Institute

Cyentia Institute

The Cyentia Institute is a research & data science firm with a mission to advance knowledge in the cybersecurity industry.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

Nardello & Co

Nardello & Co

Nardello & Co. is a global investigations firm with experienced professionals handling a broad range of issues including Digital Investigations & Cybersecurity.

UST

UST

UST is a global provider of digital technology and transformation, IT services and solutions including managed security services.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

QEDIT

QEDIT

QEDIT is leading the standardization of Zero-Knowledge Proofs through the ZKProof.org Workshops, and builds production-grade ZKP systems for blockchain.

SEALSQ

SEALSQ

For the last 25 years, SEALSQ have been developing secure semiconductor chips, secure embedded firmware, and tested hardware provisioning services to serve the vision of a safer connected world.

Jitterbit

Jitterbit

Jitterbit integrates critical business processes and enables application development to deliver the experiences and insights needed by enterprises of all sizes to accelerate their digital journey.

ViCyber

ViCyber

ViCyber is an Australian based company whose mission is to simplify and strengthen cybersecurity for all businesses, irrespective of size.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.

Luxembourg House of Cybersecurity (LHC)

Luxembourg House of Cybersecurity (LHC)

Luxembourg House of Cybersecurity (formerly SecurityMadeIn.lu) is the backbone of leading-edge cyber resilience in Luxembourg.