(ISC)² just revealed its latest cybersecurity industry survey, with disappointing results on the size of the InfoSec talent gap.
There are nearly 3 million unfilled cybersecurity jobs on the planet.
Cybersecurity workforce study results
Here are three top findings on the cybersecurity workforce study in 2018:
- Of the 2.93 million overall gap, the Asia-Pacific region is experiencing the highest shortage, at 2.14 million, in part thanks to its growing economies and new cybersecurity and data privacy legislation being enacted throughout the region.
- North America has the next highest gap number at 498,000, while EMEA and Latin America contribute a 142,000 and 136,000 staffing shortfall, respectively.
- 63% of respondents report that their organizations have a shortage of IT staff dedicated to cybersecurity. And 59% say their companies are at moderate or extreme risk of cybersecurity attacks due to this shortage.
What is the point of this study, aside from pointing out the huge need for more professionals to pursue information security careers?
"This research is essential to fostering a clearer understanding of who makes up the larger pool of cybersecurity workers and enables us to better tailor our professional development programs for the men and women securing organizations day in and day out," said (ISC)² CEO David Shearer, CISSP. "We will share these powerful insights with our partners in government and the private sector to help establish the programs necessary to advance the cybersecurity profession."
And Dr. Bret Fund, Founder and CEO at SecureSet, puts it like this:
"Cybercriminals are increasing in numbers and deepening their skillsets. The 'good guys' are struggling to keep pace. Organizations need to build sustainable recruiting practices as well as develop and retain the talent they already have to boost the organization's cyber resilience."
Developing your own skilled workforce
U.S. Bank is an example of how a company can emphasize cybersecurity recruiting and training practices. The company is building an information security talent pipeline.
Watch this brief interview with U.S. Bank CISO Jason Witty for an overview of his team's talent recruitment strategy: