The Great Cybersecurity Workforce Gap
Whether in our homes or offices, we are increasingly surrounded by smart devices and appliances that are permanently connected to the internet. There are currently over 15 billion IoT devices connected to the internet, and that figure is expected to double by 2030. Unfortunately, this means an increasing attack surface and an exponential increase in security threats on the horizon from a security perspective, and figures show that the Covid pandemic increased cyber attacks by 300%.
It’s also concerning that half of all businesses in the UK typically have just one employee responsible for cyber security. Furthermore, outside the direct cyber security industry, 85% of those performing cyber duties in-house are transitioning from a non-cyber role. As these trends increase, private firms continue to focus on transitioning employees who may not have cyber-specific technical skills to fill skills gaps.
How big is the cybersecurity workforce gap?
Cybersecurity is entering the spotlight again, and the industry is struggling to meet the demand to fill new roles. The reality is while many traditional job positions are becoming automated, the cyber security industry currently offers the opportunity of a tiny 0.2% unemployment rate. Unsurprisingly the British Government has warned that the workforce gap in cybersecurity is continuously getting bigger.
In the UK, 4,400 core cyber security postings were posted each month in 2022, which increased by 58% from 2020. Although there are around 7,500 new entrants into cybersecurity each year, there are also 4,600 people estimated to be leaving this field during the same period. When you combine these figures with the growth in demand for cyber skills, the government estimates an annual shortfall in cyber security personnel of c.14,100 (vs the previous year’s estimate of c.10,000).
Many years have passed since ex-LinkedIn CEO Jeff Weiner told attendees at Recode Code Enterprise conference that skills, not degrees, matter most in the job market. Employers are finally catching up with this school of thought after finding that qualifications from traditional education need to do a better job of signalling the kinds of attributes they were looking for from job applicants.
There have also been instances of higher education courses and modules in cyber security needing to be updated. For example, a penetration testing firm carried out a day-long workshop at a university and discovered that the software used on the course was five years out of date. By contrast, employers desperately need candidates with up-to-date cybersecurity and an aptitude for self-learning, problem-solving, and communication skills.
Why is there a cybersecurity workforce gap?
Increasing demand -
The demand for cybersecurity professionals is growing rapidly due to the expanding digital landscape, the rise of cyber threats, and the need to protect sensitive data. Organisations across various industries, including government agencies, financial institutions, healthcare providers, and businesses of all sizes, require skilled cybersecurity experts to defend against cyberattacks.
Shortage of skilled professionals-
There needs to be more qualified cybersecurity professionals with the necessary skills and experience to meet the growing demand. The gap between the number of available cybersecurity positions and the talent available to fill them continues to widen.
Diverse skill set requirements -
Cybersecurity encompasses many specialised areas, including network security, application security, cloud security, incident response, threat intelligence, and more. Each area requires specific knowledge and skills, making finding individuals with expertise in multiple domains challenging.
Rapidly evolving threat landscape -
Cyber threats are constantly evolving, becoming more sophisticated and complex. Cybersecurity professionals need to stay updated with the latest trends, technologies, and techniques to defend against these threats effectively. Continuous learning and upskilling are essential to keep pace with the evolving landscape.
Lack of diversity -
The cybersecurity industry has historically struggled with a lack of diversity, including gender and racial diversity. Encouraging and supporting individuals from underrepresented groups to pursue careers in cybersecurity is important for addressing the workforce gap and ensuring diverse perspectives in threat analysis and defence strategies.
Talent retention challenges -
Retaining cybersecurity talent is a challenge for organisations. Highly skilled professionals are in high demand and often receive attractive offers from competing companies. Organisations must prioritise creating a supportive work environment, offering competitive compensation packages, and providing opportunities for growth and advancement to retain their cybersecurity workforce.
Which cybersecurity skills are in the highest demand?
The world of cyber security provides many different career pathways and specialisms that offer multiple options for new entrants to explore. Ultimately, you will be responsible for protecting data, employees, and end-users from bad actors. But the five key areas you can choose to specialise in are critical infrastructure, application, network, cloud, and the Internet of Things (IoT).
Many guides will teach you how to become a cyber security professional. The good news is that in most cases, an employee’s transferable skills, curious mind, and willingness to learn are the most critical factors when reskilling to begin or switch to a career in cybersecurity. In addition, problem-solving skills, flexibility, a general understanding of vulnerabilities, and attack methods will also make you invaluable to employers.
By combining all of the above with entry-level certifications that can be achieved relatively quickly, you can quickly catapult yourself into an entry-level cyber security role.
What hard skills are needed for cyber security?
Depending on the path you would like to take, the most obvious qualifications for a career in cyber security are Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (C|EH), and CompTIA Security+.
In addition, CompTIA PenTest+ is another excellent example that can help anyone specialise in detecting, preventing, and eliminating vulnerabilities from the outset.
However, before even considering specialising in a particular field, most people will begin with a collection of certifications that can provide new starters with the IT fundamentals to equip them with the right skills to start their career as a cyber security professional. In addition, understanding the terminology and frameworks that global IT teams use will help you build your skillset from the ground up.
With the foundations in place, you can unlock the ability to push your cyber security skills further by progressing to more advanced certifications. This path of continuous improvement will help secure industry-leading certifications from CompTIA, Cisco, EC Council, Microsoft, ISACA, and ISC2.
Is cyber security demand bigger in the UK?
Cybercrime has become one of the fastest-growing crimes, and it’s predicted to cost the world $10.5 trillion annually by 2025. Elsewhere, 87% of consumers have advised that they would take their business elsewhere if they couldn’t trust a brand to securely and responsibly manage their data. Consequently, the reputational damage caused by a data breach can impact a business for many years.
Ultimately, we are dealing with global issues that are much bigger than the UK, and robust cybersecurity skills are in short supply. However, this has created unprecedented opportunities where a 0.2% unemployment rate and a global shortage of cyber security professionals mean that once certified, realising your career aspirations has never been more possible.
By arming yourself with the most in-demand cybersecurity qualifications, you will have the ability to enjoy a lucrative salary, a better standard of living, and the ability to work anywhere in the world. If you are interested in switching to a career in tech and the world of cyber security, our cyber security analyst training will put you on the right path to analyse vulnerabilities in security systems. But, if you are looking to push your cyber security skills further and want to gain industry-leading certifications, our advanced training is a great place to start.
However, there is no such thing as a one-size-fits-all approach, and these are not decisions you need to make on your own or rush into. Please get in touch with our expert cybersecurity career consultants, who will help plot a unique path to unlock the cybersecurity career of your dreams.
Related Articles
- Cyber Security
Why cyber security is the career of the decade
Discover why cyber security is the hottest career of the decade. Learn about high-demand roles, lucrative salaries, and how certifications like CEH and CISSP can kick-start your journey into this thriving industry with Learning People.
Read More - Cyber Security
Ethical hacking vs penetration testing
Do you understand the difference between ethical hacking and penetration testing? This article explores what these are.
Read More - Cloud
Cyber Security or Cloud Computing? Choosing the right career for you.
Explore Cloud Computing vs. Cyber Security to find the perfect IT career for you!
Read More - Cyber security
What is the dark web? Understanding its role in cybersecurity
Learn what the dark web is, how it operates, and why it’s essential for cybersecurity professionals. Explore statistics, tools, and training insights.
Read More