Last year, research suggested that the global cyber workforce today stands at 4.7 million. But while this number is the highest ever recorded by (ISC)², the cybersecurity workforce is still in urgent need of more professionals.
Despite adding 464,000 more cybersecurity professionals in the previous year, (ISC)²’s Cybersecurity Workforce Study for 2022 revealed that 3.4 million more cybersecurity workers are needed to secure assets effectively.
“As a result of geopolitical tensions and macroeconomic instability, alongside high-profile data breaches and growing physical security challenges, there is a greater focus on cybersecurity and increasing demand for professionals within the field,” said Clar Rosso, CEO at (ISC)². “Professionals are saying loud and clear that corporate culture, experience, training and education investment and mentorship are paramount to keeping your team motivated, engaged and effective.”
Growing the cybersecurity landscape
As organisations face a shortage of cybersecurity workers - 70% of respondents told (ISC)² their organisation does not have enough cybersecurity employees - staff deficits could be putting businesses at a "moderate" or "extreme" risk of a cyberattack.
To combat this, building a skilled and competent cyber workforce is essential. “For growth industries like cybersecurity, there is simply not enough staff to meet current sector challenges,” comments Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster university. “Cybertheft is becoming the fastest growing crime in the world, yet there is still a vast talent gap across the industry. Naturally, this is driving up wages for the most sought-after roles and this will likely continue into the foreseeable future. This should motivate any young person considering a career in this field right now.
“Cybersecurity is a top priority due to the core nature of digital systems in daily life. However, like many other sectors, we are seeing an increase in resignations, with cyber leaders citing stress, burnout or fear of escalating attacks as the driving factors. This is a cause for concern as cybersecurity is a crucial pillar of any IT system. If this trend continues, this will have long-lasting implications on the sector.
“Therefore, it is crucial that we maintain a steady supply of diverse, highly skilled professionals to meet the needs of our growing digital economy,” Curran adds. “There needs to be a collective effort from businesses, industry groups, schools and universities to encourage more young people to enter the industry.”
Boosting cyber awareness from grass-root level
As Prof Curran describes, it is important for those wanting to pursue a career in cybersecurity to adopt soft skills including patience, willingness to listen, work in a team and be able to write reports.
“Technical skills are also important depending on the sector the candidate is interested in,” he comments. “For instance, someone who works in malware would require good code skills for reverse engineering malware whereas someone who works within network security needs a firm understanding of configuring networks, network services, vulnerabilities, and firewalls. Many of the larger companies have a vested interest in offering certifications. These can be of high quality and can provide a way in for those looking to kick start their cybersecurity careers.”
Currently, college degrees are still the most appropriate means to secure a career in cybersecurity: “Of course, the subjects or courses will change greatly in the coming years, but the prestige offered by university degrees will still be the desirable mode of training,” Curran adds. “Having said this, apprenticeships will always play a role as they have done in many engineering disciplines in the past. However, this will naturally require further investment and greater collaboration between government and industry leaders.”
Where should the cybersecurity industry be focusing its efforts?
At the moment, there is a demand for cloud security experts. However, in the future, it will be difficult to find professionals with the necessary skills required to secure a cloud infrastructure, especially as the platform grows in complexity, Curran predicts. “Even now, it is hard to find cybersecurity staff with good experience in this area. As the technology evolves, new challenges will arise resulting in even more high paying specialist jobs in this area.”
Cloud security is crucial for several reasons. “Firstly, it protects sensitive data stored from unauthorised access, theft, and loss,” says Curran. “It also helps organisations comply with industry regulations and privacy standards, builds customer trust and gives companies a competitive edge. This is just one example of why there needs to be more security professionals in the field. It is also important to remember that cloud security follows a shared responsibility model, customers are equally responsible for securing their data and applications. It ensures business continuity and disaster recovery by providing redundancy and high availability.
“Cloud is an area of cybersecurity that will be vital to the future of everyday business. It offers so many avenues and potential job roles. It should be noted that government and industry leaders lay the necessary foundations for candidates to pursue this career path.”
The future of the cybersecurity industry
As the cybersecurity landscape is constantly changing, businesses need to adapt and plan ahead, by providing plenty of opportunities for staff to learn, progress and take charge of their careers,” Curran explains. “At the same time, the education sector also has a responsibility to address the talent shortage and make students more aware of the opportunities available in the sector. Cybersecurity is a challenging but incredibly rewarding career. Addressing the talent shortage will require a collective effort from industry, schools, and universities.”