International Cybersecurity Workforce Needs to Grow by 89% to Close Skills Gap

SCOTT IKEDA

A new report from (ISC)², the world’s largest nonprofit membership association of certified cybersecurity professionals, estimates that the cybersecurity workforce is still facing a shortfall of skilled and trained staff in spite of a general improvement in 2020. Global growth would need to be at 89% to make up for it, with the majority of all organizations reporting that they currently have a staff shortage. This issue is greatly influenced by region, however, as some countries (such as the United States) are facing a much more manageable skills shortage than others. It is also substantially down overall from the findings in 2019, when a 145% growth gap in cybersecurity jobs was reported.

Cybersecurity workforce needs around the world

(ISC)² gathered data from 3,790 individuals responsible for security/cybersecurity at organizations based throughout most of the world’s major economies. Respondents also represented a variety of organizational sizes and industries. The cybersecurity workforce study was conducted from late April to mid-June of this year, emphasizing the response to the then-new COVID pandemic.

As with so many other studies this year, the central theme is the very sudden pivot to having a majority of staff be permanently off-premises. This has necessarily created massive cybersecurity challenges as organizations whiplashed into use of unfamiliar cloud services and were forced to accommodate all manner of personal devices of remote workers. 22% of the cybersecurity workforce had less than one day to secure remote systems, and 47% had no more than a week to make it happen. These numbers were fairly consistent across all of the regions of the world.

In spite of this challenge, there is a general sense of readiness among the organizations surveyed. Much of this seems to be attributable to senior leadership understanding and quickly adapting to these new needs, with 67% of organizations reporting that these executive decision-makers are fully cognizant of the increased security burden that comes with a shift to a remote work model.

One element of the cybersecurity workforce staffing issue appears to stem from the fact that IT professionals often have work elements that must be performed on-premises, such as directly accessing network components. About 42% said that their job could not be performed in its entirety from off-site, 36% said that security would not be effective without a regular on-site presence, and 24% worked in facilities with classified information that required on-site handling. Though it is a necessary element of the job for many cybersecurity professionals, 78% of respondents said they were at least “somewhat worried” about going into the office during the pandemic.