A new study from nonprofit association of certified cybersecurity professionals (ISC)2, revealed updated figures for both the cybersecurity workforce estimate and the cybersecurity workforce gap in 2021.
The (ISC)2 Cybersecurity Workforce Study revealed a decrease in the global workforce shortage for the second consecutive year from 3.12 million down to 2.72m cybersecurity professionals.
There are two significant contributing factors to this year’s workforce gap estimate. The first is that 700,000 new entrants joined the field since 2020, contributing to a sharp increase in the available supply, now up to 4.19m people.
Secondly, the workforce gap for every region other than Asia-Pacific increased. Data suggests that slower economic recovery from the pandemic and its impact on small businesses and critical sectors like IT services (a major cybersecurity employer in the region) is contributing to the relative softness in demand for cybersecurity professionals compared to North America, Europe and Latin America.
However, Asia-Pacific still has the largest regional workforce gap of 1.42m.
Even with 700,000 new entrants, demand continues to outpace the supply of talent. The global cybersecurity workforce needs to grow 65% to effectively defend organisations’ critical assets.
- Which UK councils have suffered the most data breaches?
- Decarbonisation of crypto sector hampered by lack of clarity
- COP26 event will see indigenous rights leaders discuss preservation
“Any increase in the global supply of cybersecurity professionals is encouraging, but let’s be realistic about what we still need and the urgency of the task before us,” said Clar Rosso, CEO, (ISC)².
She added: “The study tells us where talent is needed most and that traditional hiring practices are insufficient.
“We must put people before technology, invest in their development and embrace remote work as an opportunity. And perhaps most importantly, organizations must adopt meaningful diversity, equity and inclusion practices to meet employee expectations and close the gap.”
How organisations overcome their gap
This year’s research provides fresh perspectives into how organisations are overcoming their own workforce gaps. Study participants shared their organisations’ planned talent and technology investments, including areas like more training (36%), flexible working conditions (33%), as well as investing in diversity, equity and inclusion (DEI) initiatives (29%).
Other planned initiatives included using cloud service providers (38%), deploying intelligence and automation for manual tasks (37%) and involving cybersecurity staff earlier in third-party relationships (32%).
The study uncovered the avoidable consequences that occur when cybersecurity staff is stretched too thin. Participants said they experienced misconfigured systems (32%); not enough time for proper risk assessment and management (30%); slowly patched critical systems (29%); and rushed deployments (27%).
Participants also offered opinions on what specialised skills and roles their teams lack. They cited categories such as Securely Provision (48%); Analyse (47%); and Protect and Defend (47%) as the top areas of need, but the data also shows a strong need for help across all roles.
Lasting pandemic impact
The percentage of cybersecurity professionals working remotely in some capacity due to the pandemic remains unchanged at 85%; however, 37% report they must now come to the office at times compared to 31% in 2020.
In addition to the advantages of remote work as a public health measure, organisations cited improved workplace flexibility (53%) and accelerated innovation and digital transformation efforts (37%). This, along with stronger collaboration (34%) are some of the ways the pandemic has changed their organisations for the better.
Security challenges arising from remote workforces included rapid deployment of new collaboration tools (31%); lack of security awareness among remote workers (30%); and rising concern for the physical security of distributed assets (29%).
Get the latest news from DIGIT direct to your inbox
Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.
We will keep you up to date on the pivotal issues impacting the sector and let you know about key upcoming events to ensure that you don’t miss out on what’s going on across the Scottish tech community.
Click here to subscribe.