The number of cybersecurity jobs that remain unfilled due to a skills shortage has reached 2.93 million globally, according to new research by the world’s largest cybersecurity professionals’ non-profit, (ISC) 2.
The 2018 (ISC)2 Cybersecurity Workforce Study, published today, highlights a dramatic gap between the number of available workers in cybersecurity and the number of positions available.
The problem is particularly severe in the Asia-Pacific region, with 2.14 million cybersecurity jobs sitting unfilled. North America is second, with 498,000, while Europe, the Middle East and Africa sits at 142,000 and Latin America at 136,000.
The shortfall is hitting private businesses hard, with 63% of organisations saying they now have a shortage of dedicated cybersecurity staff.
The news comes as cybersecurity salaries have risen dramatically above national averages in the UK.
The dramatic shortfall in potential recruits to fill cybersecurity jobs is putting businesses at significant risk, as many will be unable to adequately protect themselves from attack.
Cybersecurity jobs are on the rise
Notably, while there is currently a dramatic cybersecurity skills shortage, this is set to increase further as new cybersecurity jobs become available.
48% of respondents said that their workforce was planning to up its cybersecurity staffing in the next 12 months.
The changing cybersecurity professional
The study also sought to paint a picture of cybersecurity workers around the world, which demonstrated that efforts to diversify the field are paying off.
Women now represent 24% of the cybersecurity workforce, up 11% from previous similar studies.
The industry is now seeing growth among younger professionals, with 35% being millennial, as opposed to the 20% found previously.
Tellingly, work satisfaction was also very positive, with 68% of respondents reporting that they were either very or somewhat satisfied with their position.
Attracting new recruits to cybersecurity
With such a dramatic shortfall of skilled workers, it’s clear more needs to be done to grow the body of cybersecurity professionals.
However, respondents indicated a number of barriers to this.
34% said they felt there was a lack of clear career paths into such roles, while 32% felt organisations lacked the knowledge of the skills required.
28% also cited the cost of training as a barrier to entering the cybersecurity profession, indicating the potential need to bursaries or other forms of training support to help workers access this field.
Here, (ISC)2 hopes to make an impact with the report.
“We will share these powerful insights with our partners in government and the private sector to help establish the programs necessary to advance the cybersecurity profession,” said (ISC)2 CEO David Shearer, CISSP.