The cybersecurity workforce gap is on pace to hit 1.8 million by 2022—a 20% increase since 2015, according to 2017 Global Information Security Workforce Study, conducted by (ISC)2.
A lack of skills is the perceived problem: A full 68% of cyber-workers in North America believe the workforce shortage is due to a lack of qualified personnel, although the research shows that there are untapped talent pools out there.
“There is a definite concern that jobs remain unfilled, ultimately resulting in a lack of resources to face current industry threats—of the information security workers surveyed, 66% reported having too few of workers to address current threats,” said David Shearer, CEO at (ISC)². “We’re going to have to figure out how we communicate with each other, and the industry will have to learn what to do to attract, enable and retain the cybersecurity talent needed to combat today’s risks.”
The report calls for employers to look for new recruitment channels and unconventional strategies and techniques to fill the worker gap. While survey responders believe the No 1 reason for the shortage is difficulty to find qualified personnel, they also said that job requirements are not understood by leadership.
The survey found that about 87% of cybersecurity workers globally did not start in cybersecurity, yet 94% of hiring managers indicate that existing experience in the field is an important consideration. Also, 33% of executives and C-suite professionals began in non-technical careers. Currently, 90% of the cyber-workforce is male with the majority having technical backgrounds. When taken together, these stats suggest that there are larger pools of talent from which to draw that may not yet have been tapped.
Research from earlier this week shows that in contrast, European organizations are planning the fastest rate of cybersecurity hiring in the world, with 38% of hiring managers in the region wanting to grow their workforce by at least 15% in the next year. That region faces a projected skills gap of 350,000 workers by 2022.
Globally, a third of hiring managers are planning to increase their departments by 15%; and 70% of employers around the globe are looking to increase the size of their cybersecurity staff this year.