Despite an increasingly riskier world, and more and more SaaS companies developing robust cybersecurity programs, there is a desperate shortage of trained, certified and available cybersecurity experts to fill the job gap. SaaS companies must find new ways to build and manage their security programs. As reported by Monster.com in 2017, there are over 75,000 unfulfilled security jobs in the U.S. including Certified Security Manager, where there are 30,000 open positions but only 10,500 total certificate holders. Other positions include database architect, network engineer, software engineer and intelligence analyst, to list just a few.
The average annual salary for a CISO (Chief Information Security Officer ) is $204,000 and a cybersecurity analyst’s is $90K, with many experienced security experts easily commanding salaries in the six figures. Recruiting and investing in security talent is a real issue for companies of all sizes, particularly organizations with small IT teams who can’t afford to staff the teams they need.
Other reasons for the shortage of security talent include:
- Cybersecurity is a “New” Collar Job
While the need for advanced cybersecurity is acute, the skill sets required are only partially outlined by a constantly evolving “new” field of study which even top colleges and universities are struggling to adequately include and define in their more traditional IT curriculums. Because the actual, real-world professional practice of high-level, intelligent, comprehensive cybersecurity is a hybrid of traditional IT skills (programming, analysis, coding, et al) along with intelligent cyber-detective work that relies on intuitive problem-solving skills, blended with cyber-tracking and system maintenance expertise. This also requires the communication and training skills required to convey systemic informational requirements on a network-wide level that may include in-house staff, clients, and all third party users. The evolving skill sets required are difficult to academically pin down, and continue to be difficult for corporate recruiters to clearly define and present to potential graduates seeking to translate their academic skills into professional success at SaaS companies.
- Cybersecurity Lacks the “Cool” Factor to the Younger Workforce
In addition to being an unclearly defined field of study, for recent graduates of top universities cybersecurity may lack what’s considered the “cool” factor of app design, game design and software design that the Millennials and Generation Z regard as the more lucrative and interesting career path, as well as a more creative outlet for their IT talents. App design in particular, due to the unlimited growth potential of the format, as well as its many financial success stories, continues to drain the pool of some of the field’s most innovative talent.
- Improving the Security Gender Gap
The cybersecurity job gap is undoubtedly related to the STEM gender gap. In the U.S., while women currently comprise over 60% of all college graduate degree holders, only 11% of all cybersecurity professionals are female (according to ISC², a global NPO that educates and certifies information security professionals). SaaS corporate recruiters across the board are struggling to attractively present potential security career opportunities to this huge demographic of highly educated, motivated graduates searching for their opportunity to grow their careers.
- The Current Cybersecurity Workforce Base is Already Hard at Work
The hard reality for SaaS businesses is that the vast majority of cybersecurity experts are not only currently employed, but thriving in high-salaried positions, with little incentive to actively explore employment options. Many times, enticing top-notch security talent requires huge increases in compensation, which many SaaS companies are challenged to do.
Cybersecurity Management Software Can Help Fill the Talent Gap
One key to filling the SaaS cybersecurity talent gap is the use of cybersecurity management software to build, manage and report cybersecurity with the organization's current IT team. From organizing policies and plans to a specific framework like SOC2, to training employees, staying on top of tasks and projects, and reporting cybersecurity instantly to customers, cybersecurity management software saves hundreds of hours of manual processes while building security expertise internally. Think about the tools your company already uses such as salesforce.com, Trello or Jira for other critical areas of your business. Cybersecurity management software, which Apptega delivers, fills that gap as customers demand their SaaS vendors build and maintain a robust security program. Want to learn more about how Apptega helps fill the talent gap for SaaS companies more efficiently than any other approach?