London Underground platform that says mind the gap

There is currently a skills gap in cybersecurity, and companies need to go a long way to fill that gap. According to a new study from (ISC)2, the cybersecurity workforce will need to grow 145% in order to close that gap.

The 2019 (ISC)2 Cybersecurity Workforce Study estimates that the cybersecurity workforce is currently made up of 2.8 million individuals, but 4.07 million cybersecurity professionals are needed.

In the U.S., the gap is significantly smaller than it is worldwide. The U.S. currently has 804,700 cybersecurity professionals, but needs an additional 498,480. This is an increase of 62%.

Companies are making up for lack of cybersecurity professionals by investing in their developers
Report: Security Operations Centers are understaffed

“We’ve been evolving our research approach for 15 years to get to this point today, where we can confidently estimate the current workforce and better understand what it will take as an industry to add enough professionals to protect our critical assets,” said Wesley Simpson, chief operating officer, (ISC)2. “Perhaps more importantly, the study provides actionable insights and strategies for building and growing strong cybersecurity teams. Knowing where we stand and the delta that needs to be filled is a powerful step along the pathway to overcoming our industry’s staffing challenges.”

The report outlines four strategies that companies can use to build the workforce:

  1. Highlight training and professional development opportunities
  2. Properly level setting on applicant qualifications
  3. Attract new workers, such as recent college graduates, consultants, or contractors
  4. Strengthen from within by developing and cross-training current IT professionals

(ISC)2 surveyed 3,237 individuals responsible for security across North America, Europe, Latin America, and Asia-Pacific for the report.