Cyber workforce demand is outpacing supply, survey finds
The global demand for cybersecurity workers is not only increasing but quickly outpacing supply, according to a new study released Tuesday.
The cybersecurity workforce study by the nonprofit ISC2 looked at data from nearly 15,000 cybersecurity practitioners and found that almost half have been impacted by cutbacks, including budget cuts, layoffs and hiring and promotion freezes.
“While we celebrate the record number of new cybersecurity professionals entering the field, the pressing reality is that we must double this workforce to adequately protect organizations and their critical assets,” ISC2 CEO Clar Rosso said in a statement. “Amid the current threat landscape, which is the most complex and sophisticated it has ever been, the escalating challenges facing cybersecurity professionals underscore the urgency of our message: organizations must invest in their teams, both in terms of new talent and existing staff, equipping them with the essential skills to navigate the constantly evolving threat landscape.”
The report comes as the Biden administration is working to boost the U.S. cybersecurity workforce through a National Cyber Workforce and Education Strategy released in July.
The Office of the National Cyber Director took a broad approach to overhauling the workforce by focusing on four major aspects: ensuring every American has cyber skills, transforming cyber education, and expanding both the national and the federal cyber workforces.
At the time, the workforce strategy referenced an ISC2 report that noted there were 400,000 unfilled cybersecurity jobs in the U.S.
Congress has also worked on this issue recently. A recent bill from Reps. Nancy Mace, R-S.C., and Katie Porter, D-Calif., would change how the federal workforce operates by only allowing agencies to consider formal education if it directly reflects the position. Cybersecurity practitioners have for years honed their skills outside of the traditional formal education route, and experts have long noted that putting limits on cybersecurity jobs filters out those who may be most qualified.
The report found that while the global workforce has grown 8.7% to 5.5 million jobs compared to 2022, the gap between the demand and supply grew 12.6% over the same period. The workforce gap does not estimate the actual number of open jobs vs. those that are filled, but the estimated number of jobs required for organizations to protect themselves against threats.
Meanwhile, more than half of the 14,865 cybersecurity professionals surveyed around the globe said that their organization has a shortage of staff and more than 90% said they have a skills gap.
“Our study shows that a perfect storm of economic uncertainty, rapidly emerging technologies, fragmented regulations and ever-widening workforce and skills gaps is creating huge uncertainty for a profession whose role it is to protect global infrastructure and systems from attack,” the report notes.
