The security certification and industry body (ISC)2 predicts that 6 million security professionals will be needed by both the public and private sectors by 2019. Unfortunately, only 4.5 million of those experts will have the necessary qualifications, The Financial Times reported Wednesday (Nov. 18).
Globally, the demand for cybersecurity resources continues to rise, but many industry experts predict that the forecasted need will surpass availability by a third.
Governments worldwide are putting a greater focus on security and declaring significant investments into their cybersecurity initiatives, while at the same time instituting new regulations requiring companies to follow suit.
Just days ago Chancellor George Osborne announced a new series of initiatives designed to protect the U.K. from cyberattacks and “hit back” against attempts to damage the country’s digital infrastructure.
Citing the need for investments in areas of surveillance and cybersecurity to be greatly increased, the British government will increase its spending on fighting cybercrime by £1.9 billion a year by 2020 in order to safeguard public online assets and significant infrastructures, such as hospitals and electricity grids.
While cybersecurity budgets have surged as a result of ongoing and increasingly sophisticated cyber threats, Trend Micro’s Tom Kellermann told FT that despite more money being thrown at the problem, security teams can only do so much.
“Even if we get authority in the budget to hire, where the hell are we going to find them?” Kellermann explained, noting that while there are plenty of openings it is still “very difficult to find the appropriate talent.”
FT cited research from recruitment analysts Burning Glass, which showed that while there were nearly 50,000 job openings for CISSP-certified employees in the U.S. in 2014 alone, only 103,000 people worldwide hold a CISSP cybersecurity certification.
Burning Glass’ data confirmed that cybersecurity positions are more difficult to recruit for and also took 14 percent longer to fill in the U.S., compared to other jobs.
“You need people who know the technology but can also speak the language of the boardroom, and translate tech talk into understanding for the C-suite,” Mark Brown, U.K. and Ireland executive director of cybersecurity and resilience for EY, told FT.
Experts at (ISC)2 expect to see the demand for cybersecurity professionals to spike by 10.8 percent each year from 2014 to 2019, with the supply only increasing by 5.6 percent over the same time range.