It’s no surprise that cybersecurity workers are in high demand. Ask any MSP or other tech company how difficult it is to find skilled employees to help protect customers. In fact, there’s such a shortage of cyber talent, that Bryan Orme, principal at GuidePoint Security, goes so far as to call it "a talent war."
This comes at a critical time for tech companies seeing companies feeling pressure to secure their data, as well as rising security breaches that have affected millions. As of now, there are more than 460,000 cyber-related job openings in the U.S., according to Cyberseek.
How did the cybersecurity field reach this gap—and more importantly, what is being done to address this issue?
How did we get here?
As mentioned earlier, more and more companies are turning to digitalization since the onset of the pandemic. CompTIA’s State of Cybersecurity in 2020 report revealed that because of the surge in newly remote workers, companies needed to overhaul their existing IT systems. Many were overwhelmed with the efforts necessary to implement these changes, including managing physically distant employees and evaluating the security of their online infrastructures. As a result, they needed to expand their cybersecurity workforce.
In addition, during this shift, cyberattacks increased and even widened their reach, taking advantage of the chaos of the pandemic. And with this trend showing no signs of slowing down, more trained professionals will be needed. However, the field requires specialized training, and there aren’t many universities and centers offering the necessary curriculum. Consequently, this leads to a lack of visible opportunities for potential students and practitioners in general.
Lastly, because cybersecurity literally involves safety and carries the weight of these companies’ future actions, most professionals feel immense pressure, as the stakes continually rise. This leads to employee burnout and eventually, high turnovers.
What's being done?
With cybersecurity threats increasing and worsening, the need to fill the gap becomes extremely dire. But what steps have been taken so far and what else can be done?
For starters, many solution providers and other tech companies are now investing in cybersecurity training, which can lead to cost savings and talent retention. If these establishments pursue improving their internal expertise, they reduce possible digital risks for themselves and their customers.
Training is also being done at the university level. Today's online cybersecurity degrees equip students with real-world knowledge by applying lessons to current cybersecurity threats, albeit in virtual environments. Students are also trained in offensive cybersecurity, general cybersecurity, and defensive cybersecurity, with lessons formulated by experts in the field. Of course, universities can only do so much, and institutions like CompTIA aim to close the skills gap by providing tech training and education opportunities outside of higher education.
For the meantime, companies are also turning to shifting their position descriptions. To attract applicants, they are adjusting job listings and making the team as innovative as possible. Moreover, they are focusing on professional skills needed from applicants, instead of merely skills. These characteristics might include curiosity, commitment for problem-solving, and strong work ethic — all of which can help shape future professionals with the right corporate guidance and training.
With many sectors struggling to maintain their footing and costlier threats looming around the corner, the demand for more cybersecurity workers is not slowing down anytime soon. Tech companies need to consider taking proactive, consistent steps: Encourage interested individuals and students into cybersecurity, promote favorable opportunities, and diversify approaches to hiring. Finding cyber talent is difficult today, but it will only get harder tomorrow. Are you up for the challenge?
Want to learn more about cybersecurity? Sign up for CompTIA’s Cybersecurity Community and if you’re looking for even more cyber resources, join the CompTIA Information Sharing and Analysis Organization (ISAO).