Recent high-visibility cyberattacks (Sony, Target and the U.S. Democratic National Committee to name a few) have raised awareness about the value of cybersecurity experts who can keep an organization’s data and information safe. Standard preventive security software and IT security protocols are not always enough to protect an organization from a determined hacker.1
The Cybersecurity Talent Gap
Most organizations are struggling to recruit and retain employees with premium cybersecurity skills. “There’s a shortage of talent, because almost every enterprise from the Fortune 1000, global 5000, and government agencies are now scrambling to find experienced talent, and it’s become a very competitive market, even for recent graduates,” notes Muddu Sudhakar, CEO of Caspida, a cybersecurity company based in Palo Alto, California.2
Not surprising, salaries for those with cybersecurity skills—for positions from entry- to senior-level—are increasing rapidly3. This has put government agencies, who arguably need these services more than many other entities, at a disadvantage when it comes to recruiting cybersecurity talent.
In a survey by KPMG, three-quarters of the IT and HR executives at companies with 500 to 10,000 employees said they faced emerging cybersecurity challenges that required new IT security skills. Just over 50 percent said they might use a hacker to advise their security teams and nearly the same percentage would consider recruiting a cybersecurity expert with a criminal record. This is a clear indication that the skills needed to combat cybersecurity threats differ from those needed for conventional IT security.4
The gap between demand and supply of cybersecurity experts appears to be caused in part by a lack of millennials entering cybersecurity careers.5 While millennials are very comfortable with technology, they’re not drawn to careers in technology.
Solutions are Critically Needed but Hard to Come by
Part of the solution to this labor market imbalance is to steer more students into the cybersecurity field by appealing to the typical millennial’s ideals about service to community. Additionally, the private sector will need to support the efforts of colleges and universities to foster effective high-level training opportunities and work with government entities to implement programs that enhance the skills of cybersecurity experts. But for now, and into the foreseeable future, organizations face the prospect of offering premium salaries and benefits to recruit and retain the type of top cybersecurity expertise they need.
- Companies should be prepared and willing to pay a premium to hire and retain cybersecurity experts
- As organizations compete for cybersecurity talent, their mobility programs and related benefits could make the difference in attracting these employees and placing them where they are needed the most
- The business community should support university and government programs that encourage and prepare millennials to take on careers in cybersecurity
1Kathleen Richards. Cybersecurity skills shortage demands new workforce strategies. TechTarget, August 2015.
2Robert McGarvey. Why All the Hacks May Be Good News: Cybersecurity Jobs Bonanza. The Street, July 22, 2015.
4KPMG. Hire a hacker to solve cyber skills crisis. November 16, 2014.
5Frost & Sullivan. The 2015 (ISC)2 Global Information Security Workforce Study.