Blog

As the Cybersecurity Profession Grows, So Does the Workforce Gap

Oct 20, 2022

2022-Workforce-Study-Web-Banners_1024x512 The cybersecurity field has become larger than ever, but as the ranks of cybersecurity professionals increase, so does the workforce gap. The 2022 (ISC)² Cybersecurity Workforce Study reveals the workforce has grown to 4.7 million, an 11% increase from a year ago, while the workforce gap is now 3.4 million, up from 2.7 million.

“Despite adding more than 464,000 workers in the past year, the cybersecurity workforce gap has grown more than twice as much as the workforce with a 26.2% year-over-year increase, making it a profession in dire need of more people,” the newly published report says. Findings were based on polling 11,779 cybersecurity practitioners and decision-makers around the globe.

The widening gap notwithstanding, the study found that job satisfaction among cybersecurity professionals is high. Three-quarters of respondents (75%) report strong job satisfaction, and about the same number of professionals say they feel passionate about their work.

“Although overall satisfaction with cybersecurity work continues to be high, organizations may not be doing all they can to maximize employee experience,” according to the study. “For example, cultural divides between junior and senior employees are widening, especially when it comes to the perceptions of diversity, equity and inclusion.”

In addition, 70% of respondents say they are overworked. Fewer than a third (28%) feel their organization listens to them or values their input, which has a negative impact on employees. “This impact is felt particularly with older workers who may feel like their experience has earned them the right to have a voice in the industry and their organization. When these employees are not listened to, they do not feel valued.”

Respondents also have strong views on workplace flexibility. More than half would consider switching jobs if they were no longer allowed to work remotely. This finding is consistent with studies of the overall workforce. Hybrid work models gained popularity during the COVID-19 pandemic, and now most employees want to have a choice of working from home or the office. Before the pandemic, 23% of cybersecurity professionals worked remotely or had the flexibility to choose where to work. That number has more than doubled to 55%.

Cyberattack Risks

The cybersecurity workforce gap has been a major challenge for organizations through the years: 70% of respondents in this year’s Cybersecurity Workforce Study say their organization does not have enough cybersecurity employees. In addition, more than half of respondents in organizations with workforce shortages say the gaps create “moderate” or “extreme” risk of a cyberattack.

Problem areas identified by respondents include not having enough time for assessment and oversight of processes, misconfigured systems and insufficient time to adequately train cybersecurity teams.

The inability to find qualified candidates for cybersecurity teams is the most common cause of workforce gaps in organizations. Those gaps often get wider as the attack surface increases with the addition of new technologies that create potential entry points for attackers.

But recruitment challenges aren’t the only contributor to workforce gaps, according to the study. “The most negatively impactful issues are ones that organizations can indeed control: not prioritizing cybersecurity, not sufficiently training staff, and not offering opportunities for growth or promotion.”

Staff Increases

Despite the persistent workforce gap challenge, 72% of respondents expect their cybersecurity teams to increase somewhat or significantly within 12 months. This is a level of optimism far above that of the past two years – 53% in 2021 and 41% in 2020.

The study suggests that one way to succeed in filling cybersecurity gaps involves collaboration between cybersecurity hiring managers and HR. “Cybersecurity hiring managers who had a strong working relationship with their HR department were far less likely to have significant staffing shortages at their organizations.” However, only about half of hiring managers have such a relationship, the study found.

For more details from the study, click here .