Winning the war for cybersecurity talent

Security leaders say they expect demand for talent to outstrip supply for at least the next several years. Your task: develop staffing plans that recognize that reality.

Demand for talent  >  Two business people compete for a third in a tug of war
Z Wei / Ivanastar / Getty Images

The numbers aren’t encouraging for CISOs looking to hire security professionals: The U.S. cybersecurity labor market is short about 500,000 workers, according to a recent report from the nonprofit training group (ISC)².

Here’s more discouraging news: That same report, the 2019 (ISC)² Cybersecurity Workforce Study, estimated that the U.S. cybersecurity workforce must grow by 62% to meet the business demands for talent. Globally, the numbers are even more daunting. The group calculated that the global cybersecurity workforce needs to grow by 145% to eliminate the skills gap.

The numbers aren’t particularly surprising, according to leading security authorities who say the report quantifies their hiring experience.

“Yes, we do have a shortage in cyber, and it’s not going to be fixed any time soon. It’s not a field where you can become an expert overnight,” says Keith Palmgren, a senior instructor with the SANS Institute, a cybersecurity training organization, and author of SANS SEC301: Introduction to Cyber Security.

Although the significant lack of cybersecurity professionals creates challenges for CISOs, Palmgren, veteran CISOs and management leaders say the problem is exacerbated by the fact that many enterprise security teams don’t have a talent acquisition and retention strategy that’s aligned to business needs and market realities.

To continue reading this article register now

7 hot cybersecurity trends (and 2 going cold)