How Serious is the Cybersecurity Talent Shortage?

HR hiring concept

Across all industries worldwide, cybersecurity has become a top priority. Hackers keep pumping out new types of malware, and data breaches keep occurring. As of April 8, there were already 281 breaches exposing nearly 6 million records in 2019 so far, according to the Identity Theft Resource Center.

Businesses can’t afford to sit back and wait until they’re attacked to defend themselves against cybercriminals. With the average cost of a data breach globally totaling $3.86 million according to IBM and the Ponemon Institute, the wisest course of action is to proactively protect your organization with a comprehensive cybersecurity strategy.

However, everyone looking to effectively combat IT security threats faces a significant obstacle: a cybersecurity talent shortage. If you’re a business leader seeking to minimize your data breach risk, consider the following information on the extent of this issue and what you can do to overcome it.

The Cybersecurity Workforce Gap by the Numbers
(ISC)² – an international, nonprofit association for information security professionals – released a report on the cybersecurity workforce gap in 2018. The report draws on a survey of nearly 1,500 cybersecurity pros and IT pros who spend at least 25 percent of their time on cybersecurity tasks.

Here are a few key statistics from the report that illustrate the extent of the talent shortage:

  • The global shortage of cybersecurity professionals is approximately 2.93 million.
  • 63 percent of survey respondents said their organizations have a shortage of IT staff focused on cybersecurity.
  • 59 percent also say their organizations have a moderate or extreme cyberattack risk level because they lack sufficient cybersecurity talent.

“Awareness of the cybersecurity skills shortage has been growing worldwide,” the report’s introduction states. “Nevertheless, that workforce gap continues to grow, putting organizations at risk. Despite increases in tech spending, this imbalance between supply and demand of skilled professionals continues to leave companies vulnerable.”

What’s Behind the Cybersecurity Talent Gap?
The increasing popularity of e-commerce and rise of new technologies like mobile devices and the Internet of Things has created more opportunities for cybercrime. In the past few years in particular, the demand for cybersecurity talent has surged, according to Verizon.

Basically, the supply hasn’t had time to catch up to the skyrocketing demand. Universities and training programs need time to develop the right courses so that job candidates have the cybersecurity skills companies are searching for, Verizon explains.

However, it will take a while for college students to complete the new coursework and find their way into the workforce. Another, faster answer to the talent shortage is for workers to learn through on-the-job training.

What Can Businesses that Need IT Security Expertise Do to Overcome the Talent Gap?
There are several ideas out there already concerning how to remedy the growing and highly concerning cybersecurity skills shortage. Here are a few notable proposals:

Form an industry-wide alliance: If large enterprises in the IT world (e.g., Dell, Cisco, Microsoft, Google and so on) join forces, they could put cybersecurity training programs in motion to address the talent shortage, according to the CSO opinion piece “The cybersecurity skills shortage is getting worse” by Jon Oltsik, a principal analyst at Enterprise Strategy Group.

Broaden the job search to include candidates with potential to learn. Companies shouldn’t necessarily rule out professionals who don’t have the ideal qualifications in terms of degrees, certifications and experience, Arctic Wolf Networks CEO Brian NeSmith advises in the Forbes article “The Cybersecurity Talent Gap Is An Industry Crisis.” Be open-minded and consider that intelligent candidates with great problem-solving skills might do well in the role, even if they don’t have all the prerequisites.

Turn to a third-party provider for assistance. A managed security services provider like Stratosphere Networks can help you gain access to high-level cybersecurity expertise while still containing costs. Services such as virtual CISO and CSO can give you all the benefits of having a security pro on staff without drawbacks like the price of training and hiring an in-house executive.

If you’d like to learn more about cybersecurity and how to gain access to the expertise you need to achieve comprehensive protection for your organization, don’t hesitate to contact us by calling 877-599-3999 or emailing We work with a wide range of cybersecurity solution vendors – in addition to offering our own multilayered IT security solution – and can help you find products and services that make sense for your specific circumstances.

Contact Us

We will handle your contact details in line with our Privacy Policy. If you prefer not to receive marketing emails from Stratosphere Networks, you can optout of all marketing communications or customize your preferences here.