(Editor’s note: This is the eighth installment of a monthly column on the growing number of cyberthreats facing businesses of all sizes and what they can do about it. See previous installments here.)
Even as tech companies are making headlines for laying off portions of their workforce, cybersecurity workers continue to be in high demand. While not completely immune from these major rounds of layoffs, cybersecurity is considered to be one of the most resilient areas for investment, even in this prudent economic atmosphere.
Because of a shortage of qualified candidates, finding talent with the skills to protect against cyber risks, on the other hand, has become increasingly challenging. According to a December 2022 article by SC Media, this year the cybersecurity employment gap in the U.S. jumped 40% to well over 700,000, and global openings are projected to be 3.5 million in 2025.
Meanwhile, an estimated 80% of organizations suffered from at least one data breach in the past 12 months, according to the report, due to a lack of cybersecurity talent or awareness.
And CNBC in January reported that the supply-demand ratio is currently at 68 workers per 100 cybersecurity job openings.
This lack of available cybersecurity workers is driven by several causes, including the rapid expansion of technology in business and the low number of people currently seeking careers in this sector. This is a trend that has been building over the last few years and the gap will only continue to grow as businesses mature their digital-transformation strategies.
So, what can business leaders do?
• Let go of traditional hiring practices. We must expand our search and look for people that may not fit the conventional job description. We must seek candidates looking for opportunities to grow and learn new skills. Quality candidates don’t necessarily need to have in-depth tech skills, cybersecurity-specific education or experience. Cybersecurity is extremely diverse, requiring understanding in disciplines that range anywhere from technology to psychology, from law, risk, and finance to regulation and more. While these applicants may require a bit more investment in training and mentorship, someone with the right attitude, aptitude, communication skills and desire to learn can ultimately give an organization a more diverse, creative, and engaged workforce.
• Leverage a cybersecurity partner. For organizations that have limited resources focused on cybersecurity, engaging with a cybersecurity business partner can immediately offer access to a wide assortment of talent and resources. This diverse team, with a wide range of competencies and experience, can bring the latest in tools, techniques, processes, standards and training to your organization to help ensure that you are building the right strategies for risk mitigation and business resilience. Leveraging a cybersecurity partner can be a more strategic, cost-effective and efficient strategy for filling the cybersecurity talent gap within your business.
• Put some skin in the game. The only way that we can guarantee our pipeline of talent increases and becomes more sustainable is to invest time in supporting the next generation of workers. Work with your local K-12 institutions to help build a much-needed cybersecurity curriculum in our education systems. Offer your time to speak to middle or high school students. Volunteer on boards, committees or mentorship programs where you can positively influence and encourage more students to seek jobs in cybersecurity. By working with our local K-12 and higher education institutions, you will not only help guide curriculum and workforce readiness, but you will also spark the interest of young students to get into this incredible career path.
Next month: Sizing up cyber insurance.
(Jason Albuquerque is the chief operating officer of Pawtucket-based Envision Technology Advisors LLC. You can reach him through www.envisionsuccess.net.)
