Workforce shortage impacts 85 per cent of organisations’ cybersecurity

Workforce shortage

Cybersecurity company, Trellix, has conducted new research into the talent shortage in the industry that shows 85 per cent believe the workforce shortage is impacting organisations’ abilities to secure increasingly complex information systems and networks. 

Of the current workforce, 30 per cent plan to change professions in the future. 

“Our industry is already 2.72 million people short. Cultivating and nurturing a cybersecurity workforce for our future requires expanding who we view as talent and changing our practices across the public and private sectors,” Trellix CEO Bryan Palma said. 

“Closing the cybersecurity talent gap is not only a business imperative, but important to national security and our daily lives. We need to remove barriers to entry, actively work to inspire people to do soulful work and ensure those in the field are retained.”   

The findings are based on a Vanson Bourne survey, commissioned by Trellix, of 1,000 cybersecurity professionals in Australia, Brazil, Canada, France, Germany, India, Japan, the UK and the US across different sectors.  

More education is needed 

As threats from nation-state actors and cybercriminals grow in volume and sophistication, the worldwide shortage of cybersecurity professionals grows as well. While some countries like Russia and China invest deeply in nurturing cybersecurity talent through state-funded education, many nations are without dedicated programs.  

Trellix sought to understand education levels and found over half (56 per cent) believe that degrees aren’t needed for a successful career in cybersecurity. The survey also found: 

  • Support for development of skills (85 per cent) and the pursuit of certifications (80 per cent) were selected as highly or extremely important factors for the industry to expand the workforce; 
  • Employers could be doing more to encourage community mentoring programs with a presence in K-12 schools (94 per cent); and  
  • Areas most likely to attract people to cybersecurity included efforts to promote the soulfulness of cybersecurity careers (43 per cent), encouragement of STEM students considering cybersecurity careers (41 per cent), and more financial support for students in cybersecurity career paths (39 per cent). 

Diversity drives better outcomes  

Of the cybersecurity professionals surveyed, 78 per cent are male, 64 per cent white and 89 per cent straight, and a large majority of respondents (91 per cent) believe there needs to be wider efforts to grow the cybersecurity talent pool from diverse groups.  

When it comes to encouraging more people to consider a career in cybersecurity, respondents reported inclusivity and equality for women (79 per cent), diversity of the cybersecurity workforce (77 per cent) and pay gaps between different demographic groups (72 per cent) as highly or extremely important factors for the industry to address. 

Additional findings include:    

  • Most respondents (92 per cent) believe greater mentorship, internships, and apprenticeships would support participation of workers from diverse backgrounds into cybersecurity roles; 
  • 85 per cent believe individuals are discouraged from entering the profession simply because they lack perspective into the field’s various potential roles and opportunities for upward mobility; and 
  • 94 per cent of those surveyed believe their employers could be doing more to consider employees from non-traditional cybersecurity backgrounds and 45 per cent report having previously worked in other careers.  

Cybersecurity is soulful work 

The survey found the vast majority (94 per cent) believe the role of those working in cybersecurity is greater now than ever before and a similar amount (92 per cent) report cybersecurity as purposeful, soulful work that motivates them.  

However, cybersecurity professionals are hungry for recognition, with 36 per cent noting they feel a lack of acknowledgement for the good done for society. Of those looking to leave the field, 12 per cent say it is due to lack of feeling appreciated.  

The survey discovered:  

  • More than half (52 per cent) report working within cybersecurity because it’s progressive, evolving and they enjoy exploring challenging new trends; 
  • 41 per cent report cybersecurity is continuously growing in relevancy and roles will always be accessible as a reason for staying in the profession; and 
  • Around one in five (19 per cent) note they value doing something to help society for the greater good. 

The talent gap survey follows the release of Trellix’s In the Crosshairs: Organisations and Nation-State Cyber Threats report, which found organisations report limited cybersecurity talent as the greatest barrier to protecting themselves against nation-state cyber threats.  

Trellix also recently published Path to Cyber Readiness – Preparation, Perception and Partnership, which cited 49 per cent of US government agencies felt their internal cyber security skills were inadequate.