The cybersecurity workforce gap is on pace to hit 1.8 million by 2022 – a 20% increase since 2015. 68% of workers in North America believe this workforce shortage is due to a lack of qualified personnel.
Reasons for worker shortage by region
To help combat the growing gap, a third of hiring managers globally are planning to increase the size of their departments by 15% or more. Conducted by Frost & Sullivan for the Center for Cyber Safety and Education, with the support of (ISC)2, Booz Allen Hamilton and Alta Associates, the survey is the most extensive in the industry, incorporating insights from over 19,000 cybersecurity professionals.
“There is a definite concern that jobs remain unfilled, ultimately resulting in a lack of resources to face current industry threats – of the information security workers surveyed, 66% reported having too few of workers to address current threats. We’re going to have to figure out how we communicate with each other, and the industry will have to learn what to do to attract, enable and retain the cybersecurity talent needed to combat today’s risks,” said David Shearer, CEO at (ISC)2.
The report calls for employers to look for new recruitment channels and unconventional strategies and techniques to fill the worker gap. While survey responders believe the number one reason for the shortage is difficulty to find qualified personnel, they also said that job requirements are not understood by leadership.
Percentage who came from non-IT/engineering background (among those who did not start in cybersecurity)
- 66% of respondents reported not having enough workers to address current threats
- A third of hiring managers are planning to increase their departments by 15%
- 70% of employers around the globe are looking to increase the size of their cybersecurity staff this year
- Currently 90% of the workforce is male with the majority having technical backgrounds, highlighting the issue that recruitment channels and tactics need to change
- 87% of cybersecurity workers globally did not start in cybersecurity, yet 94% of hiring managers indicate that existing experience in the field is an important consideration
- 33% of executives and C-suite professionals began in non-technical careers