The Cybersecurity Skills Gap Exceeds 4 Million Jobs. What Can You Do?

The Cybersecurity Skills Gap Exceeds 4 Million Jobs. What Can You Do?

The cybersecurity skills gap now numbers 4.07 million unfilled jobs. The recently released 2019 (ISC)2 Cybersecurity Workforce Study confirmed this significant increase. Indeed, last year the cybersecurity skills gap numbered at just shy of three million.

As such, (ISC)2 predicts the cybersecurity workforce must grow by 145 percent to close the skills gap globally; only 2.8 million professionals currently work in the field. Further, the U.S. only has just over eight hundred thousand (800,000) professionals with a gap of around five hundred thousand (500,000). Therefore, the U.S. cybersecurity market needs to grow 62 percent to close the gap.    

Other findings from the 2019 (ISC)2 Cybersecurity Workforce Study includes: 

  • 65 percent of enterprises report a cybersecurity skills gap. 
  • 51 percent of InfoSec professionals say their enterprise faces a moderate to extreme risk due to staff shortages.
  • However, 65 percent of professionals claim they want to work in cybersecurity for their entire careers.
  • 66 percent report feeling at least somewhat satisfied in their jobs. 

Thus the problem may not lie in retaining cybersecurity talent. Instead, to close the cybersecurity skills gap, you must focus on obtaining the talent. 

How can you do this? And why should this concern you? 

How to Close the Cybersecurity Skills Gap

Even if you select a next-generation cybersecurity or SIEM solution, you still need human intelligence in your security. For example, only humans can fully analyze and process security event information and make remediation decisions. 

Additionally, human intelligence is necessary for maintaining SIEM solutions and updating their correlation rules. Finally, humans must work with your cybersecurity for optimal threat hunting and faster incident response. 

So you need to attract talent, even in the face of the cybersecurity skills gap. To do this, you have some options: 

  • Diversify your talent pool. Recent graduates and consultants could provide your team the skills boost it needs. You may even have employees who already have the talents you need in other departments. Cast a wide net. 
  • Provide fair and attractive compensation. This can include salary (the average salary is about $90,000 according to (ISC)2) but it also includes perks. Specifically, you need to provide perks that encourage a work-life balance. Burnout can still affect cybersecurity professionals and the best way to attract talent is to demonstrate your awareness of this issue.
  • Deploy a next-generation SIEM solution that fits with your use-case and IT infrastructure. A solution like this can’t remove the need for human intelligence, but it can supplement that expertise. With the right solution, you may not need as many bodies as you predicted.

If your enterprise continues to struggle to close your own cybersecurity skills gap, consider a managed security services provider (MSSP). These providers manage your security processes for you, without disrupting your other workflows; MSSPs can work on-premises or via the cloud, performing security investigations based on alerts and 24/7 threat monitoring for you. 

How to Learn More About Closing the Gap

You can read the full 2019 (ISC)2 Cybersecurity Workforce Study here. Also, you can read our SIEM Buyer’s Guide, with our analysis of the solution providers and capabilities in the market, here.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner