As technology rises and cybersecurity threats increase, businesses are more and more eager to hire information security professionals who can help protect their company. These individuals are in high demand, with a job outlook that is expected to grow 18 percent by 2024. This anticipated increase in the growing cybersecurity market is higher than the national average for all other occupations. Cybersecurity professionals design and execute safety measures that will protect an organization’s computer networks and systems. Having the best talent available is necessary to keep up with and surpass the efforts of ever adapting hackers and cyber threats.
However, there is a common perception that there are not enough qualified individuals in the industry who have the skills necessary to secure company and government data from hackings and additional cyber threats. This article will address that fear, how it was established and outline possible ways that a shortage of information security individuals may not be as severe as you may think.
This belief in a talent shortage has stemmed from a variety of circumstances. One main contributing factor to why companies believe there are no qualified cyber security individuals available to hire can be attributed to various accounts that were published referencing a talent shortage crisis. One specific report published by Intel Security and the Center for Strategic and International Studies (CSIS) claimed that there was a cybersecurity talent crisis in Australia, France, Germany, Israel, Japan, Mexico, the United States, and the United Kingdom. This study also reported that this shortage of talent was responsible for significant damage to organizations who were vulnerable due to a lack of talent. This lack of skilled security professionals to implement systems to protect their assets makes these companies easy targets for cybersecurity threats. The report also stated that the largest talent shortage was for individuals with some of the most important and highly technical skills. The report also implied that hands-on training and practical training were better methods for teaching these necessary skills than the traditional education system.
However, these findings directly contradicted the experiences of the U.S. Department of Homeland Security (DHS) as they searched for individuals to fill vacant information security positions. In October 2015, the U.S. government set out to hire 6,500 people with information security skills by January 2017. As part of the ongoing search for qualified individuals, the DHS held a job fair. The chief human capital officer at DHS, Angela Bailey, stated that “The amount of talent available to hire was so great, we stayed well into the night interviewing potential employees.”
Many companies are skeptical of the government’s findings. Due to the high demand and growth of the cybersecurity job market, critics find it hard to believe Bailey’s claim of having received 14,000 applicants. With the market offering highly competitive wages and having little to no unemployment in the information security industry, the perks of a government job aren’t as appealing to cybersecurity professionals as working for a private sector company would be. Some argue that the government was hiring individuals that still needed training, whereas other businesses are experiencing a talent shortage as they try to hire fully qualified individuals who do not need any additional training. These contradictions between government experiences and industry research support the claims within the Intel Security and CSIS report stating that many organizations feel that governments are not investing enough resources into building cybersecurity talent.
Being prepared for cyber threats and security hackings is important for both businesses and governments. Similar to investing in backup solutions for protecting valuable data, organizations need to invest in ways to develop talented and skillful individuals who are adequately prepared to protect the assets of companies and government entities. Performing research that provides accurate numbers of employed individuals compared to vacant positions, studies which methods of teaching are most beneficial for preparing individuals, and analyzes what resources are necessary to help make education possible will prove to enhance the overall cyber security of both businesses and government establishments.