In fact, the shortage of qualified cybersecurity employees is the biggest cyber risk. A report released by Cybersecurity Ventures in 2017 estimates that the shortage of cybersecurity talent will surge to 3.5 million by 2021 from 1 million in 2016. The number of vacancies in cybersecurity in the United States has increased considerably from the 209,000 in 2015. At the same time, according to Peninsula News analysis of the Bureau of Labor Statistics data, job advertisements for hiring cybersecurity professionals have grown by 74% in the past five years. According to this growth rate, the United States will have a shortage of 500,000 or more cybersecurity talents by 2021. The Indian National Association of Software and Service Companies (NASSCOM) estimated that India will need 1 million cybersecurity practitioners to fill its needs for rapid economic growth by 2020.
Due to the unprecedented surge in cyber attacks, the demand for cybersecurity talent in various industries in India will also increase. The employment data from the US and India highlight the crisis in the cybersecurity labor market. By 2021, the global loss caused by cyber crime will reach 6 trillion US dollars, double the 3 trillion US dollars in 2015. This includes data corruption, theft of funds, loss of productivity, theft of intellectual property, theft of personal and financial data, embezzlement of public funds, fraud, post-attack damage to normal business processes, forensic investigations, recovery and detection of hacked data and systems, and reputation damage.
The non-profit professional association for cybersecurity (ISC)² surveyed 3,237 professionals and published a report with reference to publicly available data. In this report, it also evaluated salary, technology, and recruitment needs in the cybersecurity workforce. The report pointed out that the interviewees were mostly concerned about the shortage of senior/experienced cybersecurity talents. This concern even exceeded the worry about the lack of effective work resources. In addition, 51% of cybersecurity professionals said that their companies face moderate or extreme risks due to insufficient cybersecurity manpower.
Companies should utilize some strategies to help build a strong cybersecurity team and ensure that their companies do not suffer from manpower shortages. Recruiting and training more women is a good start as there is twice male cybersecurity personnel more than female ones. It means that as long as companies overcome the common inherent impression of this position, there are a large number of untouched recruiters available. The report also suggested that companies should pay attention to new employees who have just joined, especially those who are new graduates or those who have just started a cybersecurity career. Moreover, companies should also determine the job requirements and certifications to be obtained according to the job level “reasonable” because cybersecurity personnel often complain that the “entry-level” position that requires a lot of experience and qualifications.
Before you find your best cybersecurity workforce, LIFARS is here to help! LIFARS’ CISO as a Service is designed to address organizations’ information security leadership needs. Our CISOs are highly skilled at establishing, improving, and transforming Cybersecurity Programs focused on maximizing business values by minimizing risks and optimizing opportunities. LIFARS’ astute Information Risk Management leaders can discern security needs, design effective solutions & programs, and deliver results while steering through challenging organizational culture. Their over 20 years of security, risk, and compliance leadership experience encompassed various industries and globally dispersed organizations.