Skip to Content

How to Fill the Cybersecurity Professionals Gap

The cybersecurity field has a profound employment gap, with over 313,000 jobs currently unfilled across the country out of an existing workforce of 715,715, according to CyberSeek’s interactive supply and demand map. A reported 61 percent of companies can’t find enough professionals to fill their cybersecurity ranks. In other words, there are many more open positions than there are qualified employees to fill them.  The number is expected to grow, as well, to as much as a 3.5 million shortfall by 2021.

Lack of Standardization, Job Descriptions Are Partly to Blame

What’s the best way to fill the gap? One way is to define the problem. According to one presentation at the Gartner Security and Risk Management Summit in Maryland recently, reported by industry publication HR Dive, companies are contributing in several different ways.

One challenge is a lack of standardization in job descriptions and titles. As a result, the field lacks qualified candidates to begin with – but even the qualified candidates that do exist are not always sure that a given job title and description are actually seeking what they have to offer. Even companies themselves often aren’t completely sure what they are seeking in terms of skills. Standardization could help both cybersecurity professionals and human resources professionals to mutually identify each other.

At the same time, though, companies were urged to be more fluid. One solution could be to ease up on certifications required, making them preferred. Talented employees could be trained and certified in appropriate technology positions once hired. Employers might try a business strategy designed to lead talented people in and then adapt them to needed roles.

The best strategy in a time when demand far outpaces supply is perhaps to revamp expectations of candidates. Companies may not find precisely what they are looking for. However, they can hire and train for what they need most.

More diversity in computer and STEM education could be a solution.

More Diversity, Education Are Key

Many observers feel that more encouragement and engagement with a more diverse workforce is the key. Currently, just 11 percent of cybersecurity professionals are women, and only 12 percent are black, Hispanic, or Asian, according to SecurityWeek.

Partly, that is because the computing and STEM fields that nurture cybersecurity are also low in gender and ethnic diversity. More community events and educational events focusing on the challenges and opportunities in cybersecurity starting in the K-12 grades could do a lot to foster more people being aware of, and drawn to, the field.

Leadership is needed to ensure educational programs and accessibility programs to appeal to a broader pool of potential candidates.

Talented Professionals Seek Challenges 

Finally, solutions can also arise from understanding what talented cybersecurity professionals want. The industry sectors with the greatest amount of cybersecurity talent currently are insurance, banking, and consumer products.  In part, this is because of explosive cybersecurity budgets, particularly in banking. It’s also partly because the cybersecurity in place is perceived by the professionals themselves as very advanced. It’s a chance to work at the cutting edge of the field.