Cyber-Workforce Shortage to Increase

The serious talent shortage in the information security workforce shows no sign of waning:

The Center for Cyber Safety and Education says that employers must look to millennials to fill the projected 1.8 million positions that are estimated to be unfilled by 2022.

This is an increase of 20% from the 1.5 million worker shortfall forecast by the Center’s 2015 Global Information Security Workforce Study (GISWS).

“For years, we’ve known about the impending shortage of the information security workforce, as evidenced by our study year-over-year,” said David Shearer, CEO, (ISC)², which sponsored the report.

“For the first time, we’re taking a deep dive into the millennial respondents, and we’re finding that they want different things in terms of job satisfaction and career paths. They truly are the future of cybersecurity, and I believe they hold the key to filling the well-publicised information security workforce gap.”

One of the largest studies of the information security profession ever conducted, the 2017 GISWS was carried out from May through September 2016 by Frost & Sullivan, using a web-based survey.

Since its first release in 2004, the GISWS provides a complete profile of the information security workforce, with a clear understanding of pay scales, skills gaps, training requirements, corporate hiring practices, security budgets, career progression and corporate attitudes toward information security that is of use to governments and corporations, hiring managers, and information security professionals.

Among the findings is the fact that millennials salaries are not the highest priority for millennials. However, they received higher salary increases than other generations.

What they do want is career development, including: Sponsored mentorship and leadership programs; paid-for attendance at industry events; training programs; and employer-paid professional certifications and association memberships.

The report also found that millennial workers are more likely to change employers than other generations; and, they’re more likely to aspire to become security consultants than move into managerial roles within an organisation.

“Millennials will and in many cases are already critical players who enable the success of our collective cyber defense,” said Angela Messer, executive vice president at report sponsor Booz Allen, and the firm’s cyber-innovation business leader and cyber-talent development champion.

“To attract, retain and empower these millennials, it’s clear from the Global Information Security Workforce Study that our industry must be innovative not only in its tradecraft, but also in how we support this next generation of information security professionals.

At Booz Allen, we provide opportunities for skills development by offering traditional training and covering certification or advanced degree program fees, as well as non-traditional learning opportunities, such as our Kaizen capture the flag platform and hacker space labs.”

The report also found that the UK is in a particularly bad spot. Two-thirds of UK companies have too few cyber-security personnel, with 47% claiming the reason is a dearth of qualified applicants.

But many organisations seem to be shooting themselves in the foot by refusing to hire and train inexperienced recruits. Some 93% said previous cyber-security experience is an “important factor” in hiring, and just 6% said they recruit university graduates.

Infosecurity:

 

« Cyber Skills Gap Grows Along With Threats
Malvertising Targets Your Online Users »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

Cyber 360

Cyber 360

Cyber 360 is a Cybersecurity contract and fulltime placement firm dedicated to identifying and hiring Cybersecurity professionals.

Zertificon Solutions

Zertificon Solutions

Zertificon is a leader in professional email encryption and data security.

BSA - The Software Alliance

BSA - The Software Alliance

BSA is the leading advocate for the global software industry before governments and in the international marketplace.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

NewGens

NewGens

NewGens is a solution and service provider to banking institutions in the APAC region. Areas of expertise include cybersecurity, AML, fruad prevention, compliance and risk management.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

CrowdSec

CrowdSec

CrowdSec is an open-source & participative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

HiddenLayer

HiddenLayer

HiddenLayer is a provider of security solutions for machine learning algorithms, models and the data that power them.

Zerify

Zerify

Zerify offers the industry’s only video conferencing platform built with a zero-trust architecture to keep your meetings secure, private and business compliant.

Protecto

Protecto

Make privacy and governance effortless. Brakes allow you to drive faster. Stronger data privacy and security enable companies to unlock the full potential of the data.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.

Nordic Defender

Nordic Defender

Nordic Defender is the first crowd-powered modern cybersecurity solution provider in the Nordic region.