Cyber attacks have the potential to disrupt governments, destroy businesses, and put our personal safety in jeopardy. Yet this critical sector of the technology world suffers from a severe deficit of skilled workers to fill its jobs.
There are over 210,000 unfilled cyber security jobs in the USA alone, and over 1,000,000 globally, while battles are being fought between countries, cars are being hacked, and consumers are welcoming insecure IoT devices into their homes. Yet the people who are building these products, fighting the world’s battles and mitigating cyber risks are often under-trained and sitting next to empty desks.
How did we end up here? Cybersecurity training is the problem, or rather the lack of access to it. Even if a job seeker does pay $5,000 for cybersecurity training, there’s no guarantee that the training they receive will still be relevant by the time they’re working in the field. Cybersecurity moves so quickly that more than 50% of a class’ content may change from year to year.
An advanced penetration testing class that’s top-notch now will be nearly useless in a year, because the security vulnerabilities, network technologies and software tools will change drastically within that time.
As a result of these training challenges, there are far more open cybersecurity jobs than there are qualified people to fill them. If we don’t correct the cybersecurity skills gap, the problem has the potential to get much worse.
Cyber-attacks on our power grid, nuclear power plants and other critical facilities may sound far-fetched, but the people who manage these systems are trained to manage the systems, not to protect us from cyber-threats. In most cases, security is an afterthought in the software products that control critical functions in our society, and in many cases, the companies that are forward enough to implement some level of security are only doing so on the surface.
The solution is to create a booming market for cybersecurity talent, where employers can take their pick of qualified professionals. This way, jobs can be competitive. Instead of overpaying for employees with outdated skill sets, organizations will have the option to retain them by training them in new cybersecurity capabilities, or replace them with more qualified talent.
More people will have jobs, jobs will be more competitive, pay will be more efficient, and existing professionals will have more opportunities to advance. Even though the attackers will always have a first-mover advantage, the good guys defending networks will have a much stronger opportunity to counter emerging cyber-threats.
To build that booming market for talent, cybersecurity training providers need to find new ways to offer low-cost, high quality hacking, forensics and cybersecurity training classes. Since price is the largest factor preventing new talent from entering the market, reducing or eliminating this barrier to entry will result in more qualified cybersecurity professionals and a more competitive marketplace. Better training will also open the lucrative cybersecurity market to job seekers without prior technical experience, as well as those in developing countries. It will also allow current cybersecurity professionals to advance in their careers by providing them more opportunities to learn challenging niche skills.
There are clear reasons behind the cybersecurity talent shortage, and cybersecurity training providers are already beginning to address them with new training solutions. As cybersecurity training improves, we can eliminate the talent gap, address cyber-threats, and ensure that we all live in a safer and more secure world.