I\u2019ve been writing about the cybersecurity skills shortage for seven years and have become the \u201cChicken Little\u201d of this topic. Now, we\u2019ve all read about the number of cybersecurity job openings out there, but what is the impact of the skills shortage on cybersecurity professionals who are gainfully employed?This is one of the focus areas of the third annual ESG\/ISSA research report titled, The Life and Times of Cybersecurity Professionals. (Note: I am an ESG employee.)\u00a0To evaluate this question, 267 cybersecurity professionals and ISSA members were asked whether the cybersecurity skills shortage has had an impact on the organization they work at. Nearly three-fourths (74%) of respondents say the cybersecurity skills shortage has impacted their organizations \u201csignificantly\u201d or \u201csomewhat.\u201d\u00a0This percentage has crept up annually. Last year, 70% of respondents said the cybersecurity skills shortage had impacted their organization, while two years ago, it was 69%.Does this indicate that the cybersecurity skills shortage is getting worse? It\u2019s hard to say (based upon ESG\/ISSA research alone) due to the changing research panel pool and the margin of error for the sample size. What\u2019s absolutely clear, however, is that there is no evidence to suggest that the cybersecurity skills shortage is improving whatsoever.Ramifications of the cybersecurity skills shortageWhat are the ramifications of the cybersecurity skills shortage? We asked this question to the 74% of respondents whose organizations have felt the impact. Here are the results:66% of respondents claim that the cybersecurity skills shortage has resulted in an increased workload on existing staff. Since organizations don\u2019t have enough people, they simply pile more work onto those that they have. This leads to human error, misalignment of tasks to skills, and employee burnout.47% of respondents claim that the cybersecurity skills shortage has resulted in an inability to fully learn or utilize some security technologies to their full potential. Let this one sink in. Organizations are buying expensive security tools but then letting them languish because they don\u2019t have the time or resources to take advantage of them. Hmm, I wonder if Marsh & McLennan should consider this fact before developing a rating system for cybersecurity products. Note to Marsh: Product quality doesn\u2019t matter if no one knows how to use it properly.41% of respondents claim that the cybersecurity skills shortage has resulted in having to recruit and train junior employees rather than hiring experienced cybersecurity professionals. This situation is the new reality, so organizations must get used to it. In fact, smart CISOs will work with local universities, develop training and job rotation programs, establish mentorships, and become centers of excellence for cybersecurity career development.40% of respondents claim that the cybersecurity skills shortage has resulted in limited time to work with business units to align cybersecurity with business processes. Think about this one. Organizations are expanding their use of technology as part of their business mission, yet the cybersecurity staff doesn\u2019t have enough time to work with the business to mitigate risk or safeguard business processes. Holy cow, this should be an alarming statistic for every CEO.It is worth noting that the cybersecurity skills shortage is about skills and not just job vacancies. So, many organizations are understaffed AND lacking advanced skills in areas such as cloud security, threat intelligence, security investigations and forensics, etc.\u00a0President Trump recently issued an executive order aimed at bridging the cybersecurity skills gap. Will this make a dent in the skills shortage? Nope. Any action is better than none, but the executive order is window dressing \u2013 too little and too late.\u00a0Since our lives are now controlled by bits and bytes, the cybersecurity skills shortage is an existential threat to all of us. It\u2019s high time we addressed this issue with a true sense of urgency.Note: The ESG\/ISSA report is available for free. The data presented in the report should be beneficial for cybersecurity and IT professionals, business managers, and legislators.