Accessibility Links

Where are the Shortages in the Cybersecurity Skills Market?

Date: 06 December 2018

The demand for cybersecurity professionals is soaring. Gartner predicts that global security spending will reach $96 billion in 2018, placing relentless pressure on hiring departments to attract and retain the top cybersecurity talent to protect their organization from a serious data breach.

 But the sector is facing a major skills shortage;

  • One report predicts a staggering 3.5 million open jobs by 2021.
  • The introduction of the EU’s GDPR (General Data Protection Regulation) more than tripled demand for cybersecurity professionals between February and June of this year.
  • Australia has only 7% of the skills it needs to address security risks.
  • Experts anticipate that Canada’s aim to create a global hub for cybersecurity will be unachievable without addressing its national skills shortage.
  • Demand is pushing up average salaries for cybersecurity professionals, which currently stands at c$117,000.
  • Over three quarters of UK CIOs believe security threats will increase over the next five years as a direct result of their inability to hire the right talent.

In the US, the Bureau of Labor Statistics predicts a 28% growth in cybersecurity jobs from 2016 to 2026, a much more rapid increase than in any other sector.

According to Indeed, IT security specialists top the list of jobs with the most postings in 2018, followed by information security analysts and networking security engineers in second and third place respectively. Washington DC tops the list of metros with the highest number of openings for cybersecurity professionals, followed by New York and Dallas Fort-Worth - but no region is immune. California recorded 35,000 cybersecurity job openings in the year to March 2018, with a further increase of 14,300 predicted in the next 12 months.

Addressing the cyberskills shortage

Two key areas offer the potential to address the relentless demand for cybersecurity talent:

Reduce gender bias

Companies must do more to embrace inclusivity and flexible working to empower women across the sector. At present, only 20% of the cybersecurity workforce are women, albeit some studies suggest a significantly lower figure. Promoting positive role models by elevating female talent in your organization also helps to attract more women into cybersecurity jobs. After the US, Israel is the world’s largest exporter of cyber technology and boasts a growing female talent pool. 15% of the country’s newly established cybersecurity teams in 2017 were founded by women. Across the EMEA, Deloitte last month launched its Women In Cyber initiative to specifically address the gender gap.

Investment in education and training

The SANS 2018 SOC (Security Operation Center Survey) Report named the lack of skilled cybersecurity staff as the top challenge facing organizations today and it’s applicant quality that is the problem, not quantity.

Employers can’t hire fast enough and are calling for more specific training to prepare newly qualified graduates to face the reality and myriad challenges that a career in cybersecurity entails.

American education institutions are responding by establishing cybersecurity degree programs. The University of West Florida is among the latest to add a Bachelor’s degree in cybersecurity as demand for graduates reaches a record high. The shortage in the state currently stands at an estimated 13,500. What’s more, cyber ranges are the latest training tool adopted by Universities including Florida, Georgia, Virginia and Arkansas to ensure graduates are equipped with the vital skills needed for their career.

Acquire cloud security start-ups

A growing trend we have seen during 2018 is that companies, who have been struggling to recruit skilled cybersecurity staff, are now acquiring their own cloud security start-ups. Cybersecurity start-ups can often be more agile and innovative than more established brands and provide a better service. For skilled tech professionals they often act as talent magnets, so while radical, it is often a justifiable business decision.

To enhance the likelihood of success, we recommend:

  • Performing a due diligence check
  • Reviewing the business and technical backgrounds of employees.
  • Carrying out a full assessment of the start-ups own security practices.

A further alternative is for employers to build out their own specialized cloud divisions to keep up with rising demand.  Earlier this year, tech products distributor Ingram Micro did just that, launching its independent software division, Cloudblue, in partnership with Microsoft Azure.

 Streamlining your hiring strategy

Will these initiatives be sufficient to bridge the widening talent gap? Only time will tell.

For now, employers can take steps to streamline their cyberskills hiring strategy with the following steps:

  • Tap into the gig economy or remote working/satellite options. Indeed latest data highlights the impact of a high cost of living on salaries in cities such as San Francisco where it may prohibit your ability to attract the top talent.

  • Focus on the candidate experience. Competition is tough so focus on creating a quick and well-defined interview process.

For more information about these hiring trends and more, get in touch with Glocomms today.