New (ISC)² reports puts cybersecurity hiring shortfall at 2.9 million
Cybersecurity hiring efforts have been coming up short for a while now. With security breaches and cyberattacks mounting everywhere you look, businesses and organizations are anxious to find skilled cybersecurity professionals and put them to work. Almost every business has either electronic data or mission-critical computer networks (or both) that need constant protection from hackers.
For a variety of reasons, however, the supply of cybersecurity workers has lagged far behind demand in recent years — and a new report from cybersecurity professional association (ISC)² indicates that there’s been little if any traction gained by recent efforts to build up the global cybersecurity workforce. Earlier today, (ISC)² officials reported that, worldwide, there are now 2.93 million unfilled cybersecurity jobs.
That’s a little more than a million more unfilled jobs than (ISC)² found in recent studies with similar focus. A little more than 18 months ago, in early 2017, the hiring gap was believed to be no worse than 1.8 million worldwide. The findings were generated by the 2018 (ISC)² Cybersecurity Workforce Study, which was released this week.
A stark majority of the unfilled jobs are in the study’s Asia-Pacific region, where an estimated 2.14 million positions are unfilled. The next-most severe problem area is North America, where the supply of information security professionals falls 498,000 short of demand. (ISC)²’s projections are based on a global survey of more than 1,400 cybersecurity workers.
Of particular note to those who have an interest in cybersecurity certification, the 2018 (ISC)² Cybersecurity Workforce Study found that more than half (54 percent) of survey participants are either actively pursuing cybersecurity certifications, or plan to attempt such in the next year.
A stark 63 percent of respondents said that their organizations have a shortage of qualified cybersecurity staff, with 59 percent reporting that their organizations are at moderate or extreme risk of cybersecurity attacks as a result of being understaffed.
How quickly the problem will or will not be addressed is doubtless dependent to some extent on how quickly the number of available skilled cybersecurity professionals can increase. Despite the cybersecurity hiring crisis, however — or perhaps because of it — not every organization has plans to increase head count. A little less than half of those surveyed for the 2018 (ISC)² Cybersecurity Workforce Study said that their employer has firm plans to increase cybersecurity staffing over the coming 12 months.
Additional information from the 2018 (ISC)² Cybersecurity Workforce Study, including the complete report as a free PDF download, is available online.