The nation’s cybersecurity gap remains difficult to close, according to a new breakdown by CyberSeek, a joint initiative of the National Institute of Standards and Technology’s NICE program, Lightcast and CompTIA.
Specifically, the country needs 315,000 more workers to close the demand gap in cybersecurity workers. That represents a significant increase from the 1.1 million people currently working in cybersecurity.
“Managing cybersecurity risks remains a top priority for enterprises within the public and private sectors,” Rodney Petersen, director of NICE, wrote in a statement accompanying CyberSeek’s latest data update. “During Cybersecurity Career Week, we challenge employers from all sectors to promote career opportunities in cybersecurity to individuals of all ages and from diverse backgrounds, and we invite students, career seekers and employees to explore cybersecurity as an exciting, rewarding and in-demand career opportunity.”
Demand for cybersecurity professionals has remained relatively steady since May, but the experts at CyberSeek think that employers need to adjust how they source cybersecurity talent if they want to truly close the current vulnerability gaps.
“The cybersecurity talent gap has narrowed slightly, but companies must still shift their thinking to focus on cyber skills, rather than credentials, to really get the talent they need” Will Markow, vice president for applied research at Lightcast, added. “Focusing on skills not only expands and diversifies the talent pool by reaching more workers, it also allows employers to target their training programs and take ownership of their cybersecurity talent pipeline.”
Whatever the strategy for boosting the pipeline of cybersecurity talent, time is of the essence: In early October, ISACA’s annual State of Cybersecurity study suggested that 48 percent of cybersecurity professionals believe their organizations are more vulnerable to threats now compared to the previous year; that’s in addition to 59 percent who think their cybersecurity teams are understaffed. Focusing on skills instead of credentials is just part of the equation; organizations need to do more to develop the next generation of talent.
“There are some ways to close the gap, which include promoting cybersecurity education, offering mentorship and internships, increasing diversity and providing ongoing professional development opportunities,” Omri Weinberg, co-founder and chief revenue officer at security firm DoControl, told Dice. “Collaboration among stakeholders is essential to address this challenge effectively. It all starts at the top. If this is a top priority to the board of directors, CEO and other executives, they will invest more time, money and effort to educate the next generation alongside educational institutions to create more awareness and opportunities for the future of the cyber workforce.”
According to the ISACA survey, five technical skill sets in high demand include:
- Identity and access management (49 percent)
- Cloud computing (48 percent)
- Data protection (44 percent)
- Incident response (44 percent)
- DevSecOps (36 percent)
The more tech professionals master these skills, the faster we’ll potentially close this vulnerability gap.