For years, experts have recommended cybersecurity as a future career choice, arguing that there will always be a strong demand. It seems that this advice was correct, as estimates now indicate that there will be 3.5 million unfilled cybersecurity jobs around the world by 2022.
The Original Estimate Regarding Cybersecurity Jobs
A report from the New York Times from 2018 first offered this estimate from Cybersecurity Ventures, predicting there would be 3.5 million unfilled jobs in cybersecurity by 2021. For comparison, in 2014, there were one million unfilled positions in the industry.
It is worth noting that despite this prediction being several years old, the figure seems to be accurate, with more recent sources continuing to cite it and referring to it as accurate.
Other Important Figures
The estimate of 3.5 million unfilled jobs by 2021 or 2022 is backed up by other sources. Additionally, in 2019, the Harvard Business Review reported that 58% of CISOs expected the issue of not having experts on cybersecurity on their team to get worse over time.
It is also worth noting that as of 2019, only a quarter of candidates for these unfilled cybersecurity jobs were qualified. This highlights the severity of the issue.
The 2020 Cloud Computing Study from IDG offers more recent insights, which show the trend continuing. Notably, 30% of executives said that one of the main challenges of migrating to and operating in the cloud was a lack of security skills.
Additionally, 82% of C-level execs and IT security believed they had one or more data breaches as they implemented new technology.
How Companies Can Overcome the Shortage in Cybersecurity Candidates
With so many unfilled cybersecurity jobs, it becomes a challenge for companies to recruit and maintain top talent. However, experts suggest a few methods of reducing the effects of this challenge.
Hire and Train
One strong strategy is to choose to train cybersecurity professionals in-house. With this method, companies would focus on recruiting candidates with a solid base of skills, including practical experience and technical fundamentals. Then, the candidates would complete additional training and gain skills via hands-on experience in the role.
Be Realistic About Requirements
Companies in search of cybersecurity candidates should also be realistic about their requirements. For example, they should not ask candidates to have five years of experience with a technology that has only been around for two.
Maintain Your Talent
It is also crucial for companies to maintain their talent after they are recruited. Offer benefits or salaries that keep employees happy. Provide opportunities for growth. Make talent feel appreciated. This will prevent them from being successfully headhunted by competitors.
Are you a professional searching for an infrastructure, cybersecurity, or InfoSec opportunity?