Cybersecurity Skills Shortage Explained


As more cyberattacks happen by the minute, businesses claim that they need cybersecurity professionals to protect their systems and databases more than ever. However, this field has some shortages both in the available workforce but also in skills related to it. It is estimated that there will be 3.1 million unfulfilled cybersecurity positions worldwide by 2021.

The supply and demand gap In terms of shortages in the cybersecurity workforce available has reached some concerning numbers. There are two job postings for one available professional, meaning that in the USA out 504 thousand job postings, there are 250 thousand cybersecurity professionals available.

However, there are states and countries where this ratio is even higher. According to a report from the International Information System Security Certification Consortium or (ISC)2 regarding the global IT security workforce, the Asia Pacific region has a total of 2.6 million unfulfilled positions in systems security, accounting for 64% on the entire world.

And because these attacks are growing exponentially by 350% per annum while they are getting more complex, they are one of the reasons why the workforce is limited. This is also linked to the fact that each business has unique security requirements for protecting its system and network. Yet some of these issues can be partially automated and there are solutions that can help businesses secure their online systems from attackers while they take the time to complete their IT staff.

Another reason is its popularity. Although millennials are growing in a tech-replete world, only 9% of those wishing to have a tech-related profession chose cybersecurity. They have admitted in a survey that they don’t know what the role entails and 65% of them said their schools didn’t offer relevant classes despite interest. This means that some drawbacks are the lack of learning opportunities and training for interested millennials.

Thus, universities should design programs that teach students to defend their systems. Businesses can also create apprenticeship programs for training entry-level employees on the necessary skills needed for system security and combating attacks. If a position doesn’t necessarily need technical skills, then businesses perhaps could focus on those traits more relevant to the position like organizational or leadership skills.

Nevertheless, businesses should provide training and additional education for their existing IT security staff. They might already possess knowledge from school, but on-the-job training to better detect phishing, scams, potential attacks, and vulnerabilities, as creating the best tools to combat threats are quite necessary, so employees can also learn better what the business needs.

Another issue of why this position has shortages is due to burnout and stress. Professionals in the field are responsible for a company’s sensitive data, so it is understandable that some of them can suffer from stress and burnout. This however also impacts the turnover of a business. A friendlier work-space and continual training so the employees can be constantly updated on the latest technological trends can help them be more efficient at work, but also ensure that a business will remain protected as its cybersecurity professionals are happy and productive.

Although this gap will remain prominent for quite some time, businesses can still manage the situations if they employ the right budget to train existing employees to better protect their systems. Universities can also help by designing programs that would provide students with adequate skills to protect systems and design software to detect flaws.