In 2018, the New York Times published an article predicting that there will be over 3.5 million vacant positions in the field of cybersecurity by the end of 2021.
The forecast was accurate, despite the fact that we made significant efforts to close the skill gap. There are a lot of factors at play here, some of which are connected to salaries, while others are connected to certificates; nonetheless, the reality of the matter is that not only has this prediction come true, but it is also quite likely to come true in the future.
There are 90,000 people in the United States who have the CISSP certification, which stands for certified information systems security professional; however, there are more than 106,000 occupations in the United States alone that need the CISSP certification. For years, the technology sector has been plagued by problems relating to certification and seniority. This is because an increasing number of positions need better quality standards in order to provide the finest product. On the other hand, there is the possibility that we will take in more than we are capable of chewing.
Credentials for jobs that are functionally equivalent, such as Information Security Managers or Senior Engineers, continue to proliferate at a rate that outpaces the number of employees who are truly competent. Even if only job vacancies for entry-level positions do not need the appropriate credentials, the market as a whole is still being constrained as a result of the shortfall.
In addition to the aforementioned, one must also take into account the different points of view. Since the beginning of the epidemic, we have been gradually but steadily moving toward the age of software. Every business eventually transitioned into some aspect of the software industry. In the same way that financial businesses encouraged app creation in order to provide an abundance of payment alternatives, other sets of sectors did the same thing, whether it be applications for restaurants, healthcare monitoring, or pet care technologies. The technology revolution entered every company’s doors, bringing with it the possibility of data theft and other breaches of cybersecurity.
Yet, the growth of technology itself was not the single most important factor that contributed to the workforce shortages. In addition to the choices about qualifications, we also need to take into account the priorities of the employees. Common people came to the realization that a lot of jobs were not willing to offer a living wage in times of crisis as the economy was going through a recession which was caused by a number of factors including tightening of loan policies and poor investment in dominant markets. This was a result of numerous factors. Their need for a job that provided an adequate level of safety was, without a doubt, prompted by the state of the economy; yet, the practices of the companies they worked for were the root cause of the problem.
If we then combine these three aspects, we can locate an entire demographic of software engineers who are:
- Put oneself in a position where one needs to acquire a job that pays well not to increase their overall wealth but rather to ensure that one can pay their rent.
- Are situated in a market that provides an abundance of various employment opportunities spanning dozens of sectors and hundreds of sub-industries, which enables them to put their skills to use in roles that were previously unimaginable.
Due to a more stringent qualifying criterion, they are unable to apply for their usual positions.
- When all three of these factors are brought together, the result is a perfect storm that will further exacerbate the skill gap in the cybersecurity industry. Not only does this result in a loss of money and knowledge, but it also creates significant security threats for prominent businesses. Ironically, this year has seen a plethora of cyberattacks using such kinds of information, ranging from bank hacks in Europe to business secrets.
The Aspect Relating to Education
It is essential to be aware of the fact that, despite the fact that larger corporations are the root cause of these fundamental difficulties, these problems nonetheless influence every level of the technology industry. As a result, titans in the technology industry have made some required measures to solve the problem, with a level of success that is now considered to be modest.
From a quantitative point of view, major corporations such as Google, Microsoft, and Apple have begun their own initiatives to assist in reversing the trend of declining educational attainment. From training programs marketed in the Wall Street Journal to agreements with Black Universities to develop inclusion records, it is believed that the total number of people who have participated in these programs for each of these organizations is in the hundreds of thousands.
This is not to imply, however, that only large technology companies are driving these sorts of activities. Several educational institutions are placing a significant emphasis on enhancing their credentials. The field of cybersecurity was formerly considered a specialized subsector, but now it has become an important focus for many academic institutions, especially those offering master’s degree programs. Community colleges are also a significant asset since they provide free education to the public and often collaborate with Microsoft on educational initiatives. These educational programs provide the chance to get the essential credentials, which are so in demand these days, at a reduced cost in comparison to what the reality was five years ago.
The conclusion that can be drawn from these kinds of initiatives and alliances is that cybersecurity does not need to be seen as a “Whiz Kids” club, which is only open to the most talented people in the world. Nitin Natarajan, the deputy director of CISA, worked as a flight paramedic for a total of 13 years before ever considering entering the commercial sector. This demonstrates how reachable the job is. If we wish to broaden the scope, it is critical that we place our attention on these kinds of tales.
The Other Side of the Coin Concerning Cybersecurity
So what are we going to do about the steadily increasing prices and the falling salaries?
Even if a significant number of those positions are already filled, LinkedIn and other job search engines continue to post thousands of advertisements for open cybersecurity roles. In jobs that have a high employee turnover rate, this is a frequent tactic that is used to create competitiveness. In addition to the absence of suitable compensation, the practices of corporations continue to contribute to the instability of a sector that has a pressing need for it.
The numbers don’t lie: the number of unfilled jobs will continue to rise, and it’s expected that the amount of cybercrime will rise as well. It is estimated that illegal security breaches would cost around 105 trillion dollars by the year 2025. According to CybersecurityVentures, this is the case. This sector is essential to the rest of the tech world, and it also provides a source of income that is likely to be sustainable for the foreseeable future: the tech sector will always need someone to be engaged in monitoring and ensuring that safety standards are in place.
If we want to reduce the size of this talent gap, we need to pursue more ambitious policies rather than just working to improve educational opportunities. Some tentative initial measures include increasing the diversity of our workforce, favoring the use of outside task forces, and paying attention to the requirements of individuals who are participating. But we won’t be able to solve the issue if we don’t get started immediately.
As a business, we are happy to have contributed to the expansion and success of the software industry. We are open to testing new approaches, and this philosophy extends to the area of cybersecurity. Get in touch with us if you feel the need to discuss new directions for your organization or project, and allow us to assist you in turning your vision into a reality.