A recent report by Cybersecurity Ventures reveals that the current unemployment rate for cybersecurity professionals stands at 0%. In fact, there are as many as 1 million cyber security positions currently going unfilled.
This news is notable, but hardly shocking for cybersecurity insiders. The number of unfilled positions is largely unchanged from the same time last year, underscoring the challenges of making forward progress in terms of hiring. The gulf is expect to increase to 1.5 million unfilled positions by 2019, with the need for cybersecurity professionals reaching 6 million worldwide.
Experts from throughout the tech industry have commented on the challenges of recruiting and retaining required cyber security talent. Some point to a lack of quality education and training. Until the number of available cyber security programs and graduates begins to increase significantly, there will never be enough qualified candidates available to adequately respond to the threat of cyber crime.
Part of the blame is also placed on the employers. In the rush to fill vacant roles, many have tried to recruit one professional to fill multiple vacant positions. That requires an unrealistic skill set while creating an unmanageable workload for anyone occupying these positions. As a result, turnover is high and security suffers.
In order to combat the talent gap, companies have begun increasing salary and benefits for cybersecurity professionals while prioritizing training and professional development in entry-level positions. Until academia is able to meet the recruiting demand, companies will need to develop their own talent.
Experts also point to the granulated nature of cyber crime as an employment challenge. There is not a single skill set necessary to be successful in one of these roles. And often professional who excel in one area struggle in another. Recruiting needs to acknowledge these differences and narrow the list of required hard and soft skills in order to find talent that is poised to succeed and able to commit long term.
The consensus, however, is that the single biggest obstacle to recruiting is the evolving nature of cyber crime itself. With new advanced threats appearing regularly and wreaking havoc across enterprises and industries, hiring is often reactive by necessity and ineffective as a result.
By some estimates cyber crime will cost the world $6 trillion annually by 2021. In 2015 the estimated cost was $3 trillion. Spending on products and services meant to combat the threat will also increase to $1 trillion annually by 2021. By all accounts, the demand for cybersecurity professional will continue to outpace supply into the foreseeable future.