The US and China make up the world’s two largest economies. If it were to be measured as a country, cybercrime would be next in line. The need, then, for cybersecurity professionals cannot be stressed enough.
The problem, however, is that there just aren’t enough cybersecurity professionals to meet the demand.
According to an industry report from the Information Systems Security Association (ISSA) and analyst Enterprise Strategy Group (ESG), a cybersecurity skills gap persists for a fifth straight year.
In order to solve a problem, however, you must first understand it. In this post, we define the cybersecurity skills gap, offer explanations as to why it exists, list the jobs most in-demand, and propose solutions for narrowing the gap.
The Cybersecurity Skills Gap Defined and Explained
Defined, a skills gap is a gap between the skills an employee has and the skills he or she actually needs to perform a job well. It’s an issue that has plagued the IT industry for years.
The cybersecurity skills gap exists because there aren’t enough qualified cybersecurity professionals available to fill the needs of employers. This despite high entry salaries, recession-proof job security, and plentiful career opportunities.
The reason can be contributed to a number of factors, some of which include:
- Education and Certifications Requirements – Many cybersecurity roles require at least a 4-year degree from university or college. Many cyber job listings also indicate the need for an advanced professional certification, such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or CISM (Certified Information Systems Manager). Such degrees and certifications take years and money to obtain.
- Scarcity of Courses – Despite efforts by the NSA, only 42% of the top 50 computer science programs in the country include security courses for undergrads.
- Lack of Interest – Young people are increasingly shunning tech jobs and IT-related subjects in school. On top of that, in a survey of 524 “technology-savvy millennials and post-millennials,” only 9 percent said they’re interested in a cybersecurity career.
- Awareness – To a large extent, many just aren’t aware of what a career in cybersecurity entails or that it’s an option for them to pursue.
Cybersecurity Jobs Most In-Demand
- Information Security Analyst
- Ethical Hacker
- Digital Forensic Analyst
- Security Architect
- Network Engineer
- Security Software Developer
- Chief Information Security Officer (CISO)
How to Narrow the Cybersecurity Skills Gap
Based off of a report conducted by the International Information System Security Certification Consortium, or (ISC)², there are four major strategies businesses can implement to build their cybersecurity teams. They are:
- Appeal to the interests and needs of existing cybersecurity professionals. With so many jobs available, the field can’t afford to lose those already in it. That means offering more relevant on-the-job work experience and providing robust training as well as professional development opportunities.
- Relax qualifications for cybersecurity applicants, including both degrees and certifications. Doing so will deepen the talent pool and lower the chances of missing undiscovered talent. It’ll also help to increase diversity within the field.
- Recruit workers with relevant degrees (e.g., computer science and engineering), then expand their cybersecurity skills in-house; going as far to even pay for their certifications.
- Grow your cybersecurity workforce from within. Identify talented and motivated non-security-focused professionals and enlist them into cybersecurity trainings.