Photo courtsey of WorkingNation.com
As cybersecurity threats that businesses face continue to rise, the demand for cybersecurity professionals has skyrocketed as well. However, businesses are seeing a major shortage of qualified cybersecurity personnel. According to a recent report from business consulting firm Frost & Sullivan, the shortage of qualified cybersecurity specialists is expected to reach 1.8 million by 2022.
Several Factors Contribute to Shortage
One of the biggest factors driving the demand for cybersecurity personnel is the matter has risen to a board-level issue. The Target breach of 2013 and the subsequent resignation of their CEO is often referenced as the turning point for corporations.
“That was sort of a wake-up call to the entire industry,” commented Chenxi Wang, founder and general partner of venture capital firm Rain Capital.
While the Target breach of 2013 was initially a wake-up call for Fortune 500 companies, cybersecurity risks now transcend through virtually all businesses. Having a cybersecurity expert at medium and small-sized businesses is now becoming very common as they are all facing the same threats. Furthermore, a cyber attack on a smaller business could potentially mean bankruptcy, making cybersecurity an even higher priority.
Lastly, the education and experience requirements of cybersecurity professionals are arduous given the recent influx of demand. Companies are often looking for four year or even graduate degrees in computer science or cybersecurity which is extremely challenging to find. Given the idea that cybersecurity is relatively new at the university level, hiring an individual with a four-year degree and 5-10 years of experience to run your cybersecurity program is going to be difficult to find.
Education, Experience and Recruiting are Key
The biggest challenge companies are facing isn’t necessarily that they don’t have the budget to pay a cybersecurity expert, it’s that the people aren’t available to hire. Should a company be able to find an individual to run their cybersecurity program, finding entry-level employees for supporting roles with the proper education, let alone experience, is even harder. Travis Farral, Director of Security Strategy at Anomali suggests companies are going to need to start accepting individuals with non-traditional, non-degree programs that take two years or less to complete. On top of that, companies are going to need to be willing to take the time to train and invest in developing their personnel.
With a median salary of $90,120 for an information security analyst, a career in cybersecurity can be very lucrative. Should the cybersecurity workforce not see a steady incline of graduates with proper degrees, however, the turnover companies face could lead to more complicated issues. According to The Business Journals, 68% of cybersecurity professionals strongly agree that a cybersecurity career can be taxing on the balance between one’s professional and personal life. Due to the shortage of entry-level employees in cybersecurity, professional development has taken a backseat to job demands. Sixty-seven percent of cybersecurity professionals agree that while they try to keep up with their cybersecurity skills, it is hard to do so given their jobs’ demands.
As for the companies who have a proper information security analyst and supporting staff, know that these employees are in high-demand. Treat them well, or they will go; they will not wait around for you to shape up. When qualified people are difficult to find and can have just about any job they want, anywhere they want, you’re going to have to be the better company. While the shortage of employees in the job market is going to significantly raise the salaries of these employees, know that they could be the difference between keeping your business afloat or shutting the doors due to the ramifications of a data breach.
