The global cybersecurity workforce is greater than it’s ever been – but demand is still outpacing the supply.
A report by nonprofit organisation ISC2 shows the cybersecurity workforce has reached 5.5 million people, an 8.7 percent increase from 2022, representing 440,000 new jobs. However, there is still a huge shortfall in talent, with 4 million professionals needed to adequately safeguard digital assets.
Additionally, a challenging threat landscape continues to loom over the field, with 75 percent of cybersecurity pros saying the current threat landscape is the most challenging it has been in the last five years.
Only 52 percent believe their organisation has adequate tools and people to respond to cyber incidents over the next two to three years.
Ninety-two percent of cyber pros report skills gaps at their organisation. The top three gaps are cloud computing security (35 percent), artificial intelligence (AI) /machine learning (ML) (32 percent), zero trust implementation (29 percent).
Meanwhile, 47 percent of security pros experienced cutbacks, which included budget cuts, layoffs and hiring and promotion freezes. Thirty-five percent faced cuts to cybersecurity training programs, vital for skills development and workforce growth
Elsewhere, 47 percent of respondents have no or minimal knowledge of AI. Another 47 percent see cloud computing security as the most sought-after skill for career advancement.
“While we celebrate the record number of new cybersecurity professionals entering the field, the pressing reality is that we must double this workforce to adequately protect organisations and their critical assets,” said ISC2 CEO Clar Rosso, CC.
“Amid the current threat landscape, which is the most complex and sophisticated it has ever been, the escalating challenges facing cybersecurity professionals underscore the urgency of our message: organisations must invest in their teams, both in terms of new talent and existing staff, equipping them with the essential skills to navigate the constantly evolving threat landscape. It is the only way to ensure a resilient profession that can strengthen our collective security.”
Addressing the skills gap
The good news is that organisations are actively adopting strategies to strengthen their cybersecurity teams. Survey respondents say their organisations are investing in staff training (72 percent), offering flexible work conditions (69 percent), funding diversity, equity, and inclusion (DEI) programs (68 percent), supporting certifications (67 percent), and expanding their teams by recruiting, hiring and onboarding new staff (67 percent) to prevent or mitigate staff shortages.
Organisations embracing DEI initiatives and adopting skills-based hiring have seen a positive impact, with an average of 25.5 percent women in their workforce compared to 22.2 percent among those who haven’t embraced this initiative. However, there’s still work to be done, as women represent only 26 percent of cybersecurity professionals under the age of 30.
In addition to technical proficiency in various skills, cybersecurity professionals stress the importance of non-technical attributes. Problem-solving skills (45 percent) top the list, followed by curiosity and eagerness to learn (39 percent) and effective communication (38 percent).
