Despite an increasingly riskier world, and more and more companies developing robust cybersecurity programs, there is a desperate shortage of trained, certified and available cybersecurity experts to fill the existing job gap. Organizations must find new ways to build and manage their security programs. As reported by Monster.com in 2017, there were over 1 Million cybersecurity positions unfulfilled in 2016 globally. In the U.S., there are currently 50,000 unfilled security analyst jobs including Certified Security Manager, where there are 30,000 open positions but only 10,500 total certificate holders. Other positions include database architect, network engineer, software engineer and intelligence analyst, to list just a few.
The average annual salary for a CISO (Chief Information Security Officer ) is $204,000 and a cybersecurity analyst’s is $90K, with many experienced security experts easily commanding salaries in the six figures. Recruiting and investing in security talent is a real issue for companies of all sizes, particularly organizations with small IT teams who can’t afford to staff the teams they need.
Other reasons for the shortage of security talent include:
- Cybersecurity is a “New” Collar Job
While the need for advanced cybersecurity is acute, the skillsets required are only partially outlined by a constantly evolving “new” field of study which even top colleges and universities are struggling to adequately include and define in their more traditional IT curriculums. Because the actual, real-world professional practice of high-level, intelligent, comprehensive cybersecurity is a hybrid of traditional IT skills (programming, analysis, coding, et al) along with intelligent cyber-detective work that relies on intuitive problem-solving skills, blended with cyber-tracking and system maintenance expertise. This also requires the communication and training skills required to convey systemic informational requirements on a network-wide level that may include in-house staff, clients, and all third party users. The evolving skillsets required are difficult to academically pin down, and continue to be difficult for corporate recruiters to clearly define and present to potential graduates seeking to translate their academic skills into professional success.
- Cybersecurity Lacks the “Cool” Factor to the Younger Workforce
In addition to being an unclearly defined field of study, for recent graduates of top universities cybersecurity may lack what’s considered the “cool” factor of app design, game design and software design that the Millennials and Generation Z regard as the more lucrative and interesting career path, as well as a more creative outlet for their IT talents. App design in particular, due to the unlimited growth potential of the format, as well as its many financial success stories, continues to drain the pool of some of the field’s most innovative talent.
- Improving the Security Gender Gap
The cybersecurity job gap is undoubtedly related to the STEM gender gap. In the U.S., while women currently comprise over 60% of all college graduate degree holders, only 11% of all cybersecurity professionals are female (according to ISC², a global NPO that educates and certifies information security professionals). Corporate recruiters across the board are struggling to attractively present potential security career opportunities to this huge demographic of highly educated, motivated graduates searching for their opportunity to grow their careers.
- The Current Cybersecurity Workforce Base is Already Hard at Work
The hard reality for all businesses is that the vast majority of cybersecurity experts are not only currently employed, but thriving in high-salaried positions, with little incentive to actively explore employment options. Many times, enticing top-notch security talent requires huge increases in compensation, which many companies are challenged to do.
Cybersecurity Automation Can Help Fill the Talent Gap
One key to filling the talent gap is the use of intelligent automation to build, manage and track cybersecurity processes. From organizing policies and plans, training employees, staying on top of tasks and projects, to managing vendors, budgets, and reporting, cybersecurity automation removes hundreds of hours of manual processes while significantly increasing productivity and output. Think about the tools your team already uses such as salesforce.com, Trello or Jira for other critical areas of your business. Cybersecurity automation, which Apptega delivers along with a team of certified security experts, fills that gap as the threats continue to increase along with your organization’s requirement for a more robust security program. Want to learn more about how Apptega helps fill your security talent gap?