Savvy technology leaders and talent strategists are busy reviewing their workforce plans for 2018. In last month's blog post, CIOs Take Stock of Tech Talent, we presented key data points to keep in mind as you do so. It is hard to ignore the data that show the growing talent shortage for cybersecurity specialists.
In fact, that gap will grow to 1.8 million in 2022, a figure that's just staggering. With the nation near full employment, not enough supply to meet demand and the unprecedented pace of change across the technology landscape, companies are seeking such roles as penetration testers and cybersecurity engineers--and they are establishing a senior leadership position if they don’t already have one, the Chief Information Security Officer (CISO).
Meanwhile, we pulled together some additional data:
- A recent article, Cyber Security Job Outlook for 2018 and Beyond, points out that there are roughly half a million cybersecurity-related job openings in the U.S. with a projected need for 1.8 million additional cybersecurity professionals to fill the workforce gap by 2022.
- A new ESG/ISSA study shows that 70% of cybersecurity professionals’ organizations are affected by the skills shortage, with such ramifications as “1) an increasing workload on cybersecurity staff; 2) the need to hire and train junior personnel rather than experienced cybersecurity pros; and 3) a situation where the cybersecurity team spends most of its time dealing with the emergency du jour, leaving little time for training, or workforce planning, etc.,” writes Jon Olsik, a Senior Principal Analyst at ESG in his blog post, Research Suggests Cybersecurity Skills Shortage is Getting Worse.
- The Bureau of Labor Statistics projects employment of Information Security Analysts to grow 28% annually through 2026, much faster than for all occupations. “Demand for Information Security Analysts is expected to be very high, as these analysts will be needed to create innovative solutions to prevent hackers from stealing critical information or causing problems for computer networks.” Two sectors experiencing the impact which could have particularly serious consequences are banks and financial institutions and hospitals and health facilities.
The tech talent gap prevails. As companies become more digital, and the pace of change accelerates, companies will continue to create jobs that demand skilled tech workers. “With a zero percent unemployment rate, security skill sets are scarce,” cites Gartner in “5 Trends in Cybersecurity for 2017 and 2018.” Businesses need--and will continue to need--new kinds of skills as cybersecurity evolves in areas such as data classes and data governance. “Changes in cybersecurity will require new types of skills in data science and analytics," says Gartner. "The general increase in information will mean artificial security intelligence and advanced analytic capabilities will also be on the rise.” Keep in mind that the technology continues to evolve and the skills gap continues to increase. This is a moving target.
One way a company can get in front is to build workforce capabilities through training and tapping non-traditional sources for talent whether it is veterans or technologists whose lineage is from a different path but through training and mentoring can grow into the position. A recent Harvard Business Review article echoes this approach and goes on to highlight pursuing candidates with nontraditional backgrounds who could bring new ideas to the position and the challenge of improving security. The data tell us the gap and need for cybersecurity specialists is going to increase, but what you do about it as a company is up to the c-suite.
Our recommendation is to begin with your workforce strategy, understand the capability gaps and put together a multi-pronged talent acquisition plan. The plan can include hiring and likely overpaying to secure talent. It can include training and reskilling to groom talent from within, and the approach could likely include building capabilities through training. With the number of cybersecurity-related events exceeding 200,000 per day, status quo doesn’t seem like an option. At Genesis10, we partner with our clients to develop workforce strategies to shore up specific talent gaps. Contact us to start the discussion. Subscribe to the blog to continue the dialogue on Technology and Talent Strategies.