The cybersecurity skills gap now numbers 4.07 million unfilled jobs. The recently released 2019 (ISC)2 Cybersecurity Workforce Study confirmed this significant increase. Indeed, last year the cybersecurity skills gap numbered at just shy of three million.
As such, (ISC)2 predicts the cybersecurity workforce must grow by 145 percent to close the skills gap globally; only 2.8 million professionals currently work in the field. Further, the U.S. only has just over eight hundred thousand (800,000) professionals with a gap of around five hundred thousand (500,000). Therefore, the U.S. cybersecurity market needs to grow 62 percent to close the gap.
Other findings from the 2019 (ISC)2 Cybersecurity Workforce Study includes:
- 65 percent of enterprises report a cybersecurity skills gap.
- 51 percent of InfoSec professionals say their enterprise faces a moderate to extreme risk due to staff shortages.
- However, 65 percent of professionals claim they want to work in cybersecurity for their entire careers.
- 66 percent report feeling at least somewhat satisfied in their jobs.
Thus the problem may not lie in retaining cybersecurity talent. Instead, to close the cybersecurity skills gap, you must focus on obtaining the talent.
How can you do this? And why should this concern you?
How to Close the Cybersecurity Skills Gap
Even if you select a next-generation cybersecurity or SIEM solution, you still need human intelligence in your security. For example, only humans can fully analyze and process security event information and make remediation decisions.
Additionally, human intelligence is necessary for maintaining SIEM solutions and updating their correlation rules. Finally, humans must work with your cybersecurity for optimal threat hunting and faster incident response.
So you need to attract talent, even in the face of the cybersecurity skills gap. To do this, you have some options:
- Diversify your talent pool. Recent graduates and consultants could provide your team the skills boost it needs. You may even have employees who already have the talents you need in other departments. Cast a wide net.
- Provide fair and attractive compensation. This can include salary (the average salary is about $90,000 according to (ISC)2) but it also includes perks. Specifically, you need to provide perks that encourage a work-life balance. Burnout can still affect cybersecurity professionals and the best way to attract talent is to demonstrate your awareness of this issue.
- Deploy a next-generation SIEM solution that fits with your use-case and IT infrastructure. A solution like this can’t remove the need for human intelligence, but it can supplement that expertise. With the right solution, you may not need as many bodies as you predicted.
If your enterprise continues to struggle to close your own cybersecurity skills gap, consider a managed security services provider (MSSP). These providers manage your security processes for you, without disrupting your other workflows; MSSPs can work on-premises or via the cloud, performing security investigations based on alerts and 24/7 threat monitoring for you.
How to Learn More About Closing the Gap
Latest posts by Ben Canner (see all)
- Revisiting Whether SOAR Will Replace SIEM in Business Cybersecurity - May 29, 2020
- Changing SIEM From Reactive to Proactive with Threat Hunting - May 27, 2020
- Top-Down SIEM: An Interview with Avi Chesla of Empow - May 21, 2020