Cyber professional demand is high as the sector expands

Rapid changes in the past year have led to increasing demand for cyber professionals, which has also left some workforces lacking the correct skills

There has been a decrease in the global workforce shortage for the second consecutive year from 3.12 million down to 2.72 million cybersecurity professionals, finds a new study by (ISC)².

(ISC)², the world's largest nonprofit association of certified cybersecurity professionals, revealed these figures, after releasing its 2021 (ISC)2 Cybersecurity Workforce Study

The study shows updated figures for both the Cybersecurity Workforce Estimate and the Cybersecurity Workforce Gap in 2021, provides insights into the makeup of the profession and explores the challenges and opportunities that exist for professionals and hiring organisations.

 

A huge gap in the workforce

The study showed there are two significant contributing factors to this year's workforce gap estimate. The first is that 700,000 new entrants joined the field since 2020, contributing to a sharp increase in the available supply, now up to 4.19 million people. The second is that the workforce gap for every region other than Asia-Pacific increased.

Data suggests that slower economic recovery from the pandemic and its impact on small businesses and critical sectors like IT services (a major cybersecurity employer in the region) is contributing to the relative softness in demand for cybersecurity professionals compared to North America, Europe and Latin America. However, Asia-Pacific still has the largest regional workforce gap of 1.42 million.

"Any increase in the global supply of cybersecurity professionals is encouraging, but let's be realistic about what we still need and the urgency of the task before us," said Clar Rosso, CEO, (ISC)². "The study tells us where talent is needed most and that traditional hiring practices are insufficient. We must put people before technology, invest in their development and embrace remote work as an opportunity. And perhaps most importantly, organisations must adopt meaningful diversity, equity and inclusion practices to meet employee expectations and close the gap."

 

Lacking skills and expecting too much of staff

The study uncovered that avoidable consequences occur when cyber security staff is stretched too thin. Participants said they experienced misconfigured systems (32%); not enough time for proper risk assessment and management (30%); slowly patched critical systems (29%); and rushed deployments (27%).

Participants also offered opinions on what specialised skills and roles their teams lack, aligned with the roles outlined in the U.S. government's National Initiative for Cybersecurity Education (NICE) Framework. They cited categories such as Securely Provision (48%); Analyze (47%); and Protect and Defend (47%) as the top areas of need, but the data also shows a strong need for help across all roles.

 

Remote working has drastically impacted security and the workforce

The percentage of cyber security professionals working remotely in some capacity due to the pandemic remains unchanged at 85%; however, 37% report they must now come to the office at times compared to 31% in 2020. In addition to the advantages of remote work as a public health measure, organisations cited improved workplace flexibility (53%); accelerated innovation and digital transformation efforts (37%); and stronger collaboration (34%) as some of the ways the pandemic has changed their organizations for the better.

Security challenges arising from remote workforces included rapid deployment of new collaboration tools (31%); lack of security awareness among remote workers (30%); and rising concern for the physical security of distributed assets (29%). 

 

Share

Featured Articles

ICYMI: New Age of the CISO and cybersecurity trends for 2023

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Kingfisher chooses Google Cloud as catalyst for growth

Google Cloud will support Kingfisher's digital ambitions with a range of solutions, from infrastructure to data analytics.

ICYMI: Cyber predictions for 2023 and trouble in paradise

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Osirium shares its cyber predictions for 2023

Cyber Security

ICYMI: Unloved emails and cybersecurity worth $500bn by 2030

Cyber Security

Cyber security market anticipated to reach $500bn by 2030

Cyber Security