Cyber professional demand is high as the sector expands

Share
Rapid changes in the past year have led to increasing demand for cyber professionals, which has also left some workforces lacking the correct skills

There has been a decrease in the global workforce shortage for the second consecutive year from 3.12 million down to 2.72 million cybersecurity professionals, finds a new study by (ISC)².

(ISC)², the world's largest nonprofit association of certified cybersecurity professionals, revealed these figures, after releasing its 2021 (ISC)2 Cybersecurity Workforce Study

The study shows updated figures for both the Cybersecurity Workforce Estimate and the Cybersecurity Workforce Gap in 2021, provides insights into the makeup of the profession and explores the challenges and opportunities that exist for professionals and hiring organisations.

 

A huge gap in the workforce

The study showed there are two significant contributing factors to this year's workforce gap estimate. The first is that 700,000 new entrants joined the field since 2020, contributing to a sharp increase in the available supply, now up to 4.19 million people. The second is that the workforce gap for every region other than Asia-Pacific increased.

Data suggests that slower economic recovery from the pandemic and its impact on small businesses and critical sectors like IT services (a major cybersecurity employer in the region) is contributing to the relative softness in demand for cybersecurity professionals compared to North America, Europe and Latin America. However, Asia-Pacific still has the largest regional workforce gap of 1.42 million.

"Any increase in the global supply of cybersecurity professionals is encouraging, but let's be realistic about what we still need and the urgency of the task before us," said Clar Rosso, CEO, (ISC)². "The study tells us where talent is needed most and that traditional hiring practices are insufficient. We must put people before technology, invest in their development and embrace remote work as an opportunity. And perhaps most importantly, organisations must adopt meaningful diversity, equity and inclusion practices to meet employee expectations and close the gap."

 

Lacking skills and expecting too much of staff

The study uncovered that avoidable consequences occur when cyber security staff is stretched too thin. Participants said they experienced misconfigured systems (32%); not enough time for proper risk assessment and management (30%); slowly patched critical systems (29%); and rushed deployments (27%).

Participants also offered opinions on what specialised skills and roles their teams lack, aligned with the roles outlined in the U.S. government's National Initiative for Cybersecurity Education (NICE) Framework. They cited categories such as Securely Provision (48%); Analyze (47%); and Protect and Defend (47%) as the top areas of need, but the data also shows a strong need for help across all roles.

 

Remote working has drastically impacted security and the workforce

The percentage of cyber security professionals working remotely in some capacity due to the pandemic remains unchanged at 85%; however, 37% report they must now come to the office at times compared to 31% in 2020. In addition to the advantages of remote work as a public health measure, organisations cited improved workplace flexibility (53%); accelerated innovation and digital transformation efforts (37%); and stronger collaboration (34%) as some of the ways the pandemic has changed their organizations for the better.

Security challenges arising from remote workforces included rapid deployment of new collaboration tools (31%); lack of security awareness among remote workers (30%); and rising concern for the physical security of distributed assets (29%). 

 

Share

Featured Articles

BT's Security Chief: Why AI Poses Such a Risk to Security

BT’s security chief Tris Morgan says the telecommunications group logs 200 million potential cyber attacks daily as AI drives new security challenges

How Supply Chain Cyber Threats Cost The Global Economy

Interos.ai reports physical infrastructure attacks and AI system vulnerabilities emerging as primary concerns for security leaders

How Kroll and DORA Tackle Supply Chain Cybersecurity Risks

Kroll experts highlight critical measures IT providers must adopt to protect supply chains from cyber attacks and mitigate risks from AI-enabled threats

VCARB & Dynatrace Accelerate AI For F1 Racing Performance

Technology & AI

Apple's Siri: How The Most Private AI Assistant Works

Operational Security

How The UK’s AI Plan Will Impact The Cybersecurity Sector

Technology & AI