Cyber Skills Shortages Stands At Four Million

A shortage in the global cybersecurity workforce continues to be a problem for companies in all industries and of all sizes.  The technology industry has never seen anything quite like it.

Seasoned cyber pros typically earn $95,000 a year, often markedly more and yet job openings can linger almost indefinitely. 

The ever-leaner cybersecurity workforce makes many companies desperate for help. In an era of high-profile data breaches and devastating cyberattacks, cybersecurity impacts every individual and every organisation.  Global IT security skills shortages have now surpassed four million

According to the international certifcation organisation (ISC)2 the number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year. This includes 561,000 in North America and a staggering 2.6 million short fall in APAC. The shortage of skilled workers in the industry in Europe has soared by more than 100% over the same period, from 142,000 to 291,000.

(ICS)2 have released their  latest Cybersecurity Workforce Study based upon interviews with over 3200 security professionals around the world. The report estimates the current global workforce at 2.93 million, including 289,000 in the UK and 805,000 in the US. Nearly two-thirds (65%) of responding organisations reported a shortage of cybersecurity staff, with a lack of skilled or experienced security personnel their number one workplace concern (36%).

Over half (51%) of cybersecurity professionals said their organisation is at moderate or extreme risk due to staff shortages.
four key strategies to help organisations tackle such shortages. These include in-house training and development and setting applicant qualification requirements at the right level to ensure as wide a net as possible is cast.

(ISC)2 also stressed the need to attract new workers from other professions, or recent graduates with tangential degrees, as well as seasoned professionals from consulting and contracting sectors. Organizations should look to strengthen from within by cross-training existing IT professionals where appropriate. In an era of high-pro le data breaches and devastating cyberattacks, cybersecurity impacts every individual and every organisation. 

Top Job Concerns Among Cybersecurity Professionals include: 

  • 36% Lack of skilled/experienced cybersecurity security personnel 
  • 28% Lack of standard terminology for effective communication 
  • 27% Lack of resources to do my job effectively 
  • 24% Lack of work-life balance 
  • 24% Inadequate budget for key security initiatives 

Cybersecurity professionals are more than twice as likely to be male, meaning there is an under-tapped demographic available for recruiting if companies can position the role in a way that overcomes common stereotypes. 30% of survey respondents were women. 

Among respondents with security-specific titles, 23% of study participants were women. The highest percentage of women cybersecurity professionals came from Latin America (39%) and North America (34%). 

The 2019 (ISC)2 Cybersecurity Workforce Study is based on online survey data collected in June and July 2019 from 3,237 individuals responsible for security/cybersecurity at work throughout North America, Europe, Latin America (LATAM) and Asia-Pacific (APAC).  The sample within each country was controlled to ensure a mix of company sizes and industries. 

InfoSecurity Magazine:          ISC2:

You Might Also Read:

Britain’s Cybersecurity Skills Gap:


 

 

« British Police At War Against Cyber Crime
Four Security Principles For For Small Business »

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Tenable Network Security

Tenable Network Security

Tenable Network Security - Need to Evolve to a Risk-Based Vulnerability Management Strategy but Don’t Know How? This Guide Will Show You.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Detectify

Detectify

Detectify is a web security service that simulates automated hacker attacks on your website, detecting critical security issues before real hackers do.

Orange Cyberdefense

Orange Cyberdefense

Orange Cyberdefense is the expert cybersecurity business unit of the Orange Group, providing managed security, managed threat detection & response services to organizations around the globe.

National Cyber League (NCL)

National Cyber League (NCL)

The NCL provides a virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills.

European Network for Cyber Security (ENCS)

European Network for Cyber Security (ENCS)

ENCS’s core focus is around educating and solving cyber security challenges in the development and operation of energy grids across Europe.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

Blockchain Reactor

Blockchain Reactor

Blockchain Reactor is a blockchain consultancy and implementation company providing cutting-edge blockchain solutions for start-ups and enterprises.

CloudSphere

CloudSphere

CloudSphere’s flagship Cloud Governance Platform enables enterprises and cloud service providers to simplify and optimize cloud migration, management, and governance.