Our personal and professional lives largely rely on technology in ways we couldn’t have imagined a few decades ago. We are able to collaborate more easily, and the convenience of online information helps us to be more productive. While technology makes our lives easier, it also makes it easier for cyber criminals to gain access to sensitive information. As a result, the requirement for cybersecurity professionals has been growing rapidly, faster than companies can hire. In fact, the number of unfilled cybersecurity positions worldwide grew by 350% between 2013 and 2021.
Cybersecurity in high demand
October is National CyberSecurity Awareness Month, which was created to ensure that everyone has the knowledge and resource to limit the threats posed online, and therefore stay safer and more secure. This is becoming increasingly important in 2022, cyber criminals are flourishing because there are more potential victims are out there. Since 2020, industries have seen the number of people working from home increase, either full time or to a hybrid working model. The nature of homeworking tasks means they are primarily carried out online, and without the security protections in place that were provided in the office, firms are more susceptible to attacks. Alliance Virtual Offices found that since the start of the pandemic, there was a 238% increase in cyberattacks on home workers.
As a result, cybersecurity roles have shot up significantly with the average number of vacancies per firm increasing from 5.2 in 2021 to 6.8 in 2022. There has been a particular increase in demand for Penetration (pen) testing roles. This is essentially a form of controlled hacking to find and test weaknesses that criminals could exploit. Vulnerabilities are harder to spot from the inside so pen testing is valuable because it provides insights into your defences from an outside perspective, allowing businesses to put preventative measures in place.
The skill gap
No organisation is immune to cybercrime, so highly skilled cyber professionals are essential if you want to avoid attacks. Businesses are facing a cybersecurity talent shortage due to the credentials required to secure a role in this profession, a well-known problem within the cybersecurity community. Cyberseek reported there are around 1.1 million people employed in cybersecurity in the U.S., but over 700,000 unfilled positions are currently available. Worldwide, the cyber workforce shortfall is approximately 3.5 million people.
In the UK, a 2022 government report showed more than half of UK businesses have a basic cybersecurity skills gap, and a third of businesses have more advanced skills gaps, especially around pen testing. Almost half (49%) of cyber-security firms specifically have faced problems with technical cyber security skills gaps in the past 12 months, either among existing staff (20%) or among job applicants (45%).
The impact on hiring
Businesses are finding hiring cybersecurity professionals a challenge due to the credentials and experience usually required to secure a role in cybersecurity. Anyone who doesn’t meet the credentials might be put off applying or if they do apply, they aren’t considered.
Louis Mobbs, Principle Managing Consultant at Cybernetic Search said “The demand for cybersecurity professionals is through the roof but finding the ‘right’ talent is extremely tough. The gap often arises due to lack of training, or an unwillingness to train junior members of the team. This results in security professionals or junior pen testers without hands-on real-world experience getting looked over, so while they have the skills and willingness to learn, they aren’t recognized enough to land a job.”
Flexibility is key here to help fill these high demand roles. In a recent article, Fortune said “employers have been slow to reduce the credential requirements for cybersecurity jobs, despite the difficulty in hiring.” It’s clear to solve hiring difficulties, businesses need to broaden their searches by considering candidates without traditional qualifications or experience to attract quality talent.
Future of Cybersecurity
A skills shortage in cyber security is a global issue, Cybersecurity Ventures predicts the same number of cybersecurity positions will be vacant in 2025, so while the gap might be levelling, the shortage isn’t going away anytime soon. Spiceworks found executives are most concerned that mobile devices will be leveraged as an attack pathway more in 2023, follow by email and cloud. In an undeniably digital world, the future of the cybersecurity industry is and will continue to remain the most dynamic and critical industry.
Due to talent shortages, we are seeing a candidate-driven market with a greater average number of vacancies per firm to fill. Employers are struggling to find and hire great talent and in this industry in particular, highly skilled candidates have the upper hand.
With high competition, you need to be confident that you are hiring competent, experienced people who have the knowledge and skills to protect your business. Cybernetic Search have the expertise to help. Our teams in Europe and USA help protect your business by supplying leading cybersecurity experts with our extensive network of highly skilled candidates.