(ISC)² – the world’s largest non-profit association of certified cyber security professionals – has issued the findings of its 2018 Cyber Security Workforce Study. The research shows a widening of the global cyber security workforce gap to nearly three million across North America, Latin America, the Asia Pacific region and Europe, the Middle East and Africa.
Formerly the Global Information Security Workforce Study, the 2018 (ISC)² Cyber Security Workforce Study is based on feedback from a broader, more representative sample of the men and women responsible for securing their organisations around the world. This includes many IT/ICT staff within organisations ranging from large enterprises through to small businesses who may or may not have formal cyber security roles, but do have hands-on responsibility for securing critical assets every day – spending at least 25% of their time on such activities. Their views and opinions create a more realistic representation of the cyber security challenges and opportunities the industry faces around the globe.
“This research is essential when it comes to fostering a clearer understanding of who makes up the larger pool of cyber security workers and enables us to better tailor our professional development plans for the men and women securing organisations day in and day out,” said (ISC)2 CEO David Shearer CISSP. “We will share these powerful insights with our partners in Government and the private sector to help establish the programmes necessary to advance the cyber security profession. By broadening our view of the workforce to include those with collateral cyber security duties within IT and ICT teams, we’ve actually discovered that professionals are still facing familiar challenges, but also found striking differences compared to previous research, including a younger workforce and greater representation of women.”
Key insights revealed in the study
*Of the 2.93 million overall gap, the Asia Pacific region is experiencing the highest shortage at 2.14 million, at least in part thanks to its growing economies and new cyber security and data privacy legislation being enacted throughout the region
*North America has the next highest gap number at 498,000, while the EMEA and Latin America contribute a 142,000 and 136,000 staffing shortfall respectively
*63% of respondents report that their organisations have a shortage of IT staff dedicated to cyber security. 59% say their companies are at moderate or extreme risk of cyber security attacks due to this shortage
*48% of respondents say their organisations plan to increase cyber security staffing over the next 12 months
*68% of respondents say they are either very or somewhat satisfied in their current job
*More than half of all respondents globally (54%) are either pursuing cyber security certifications or plan to do so within the next year
*Some of the biggest career progression challenges respondents reported are unclear career paths for cyber security roles (34%), a lack of organisational knowledge of cyber security skills (32%) and the cost of education to prepare for a cyber security career (28%)
*The four areas cyber security professionals feel they will need to develop most or otherwise improve upon over the next two years in order to advance in their careers include cloud computing security, penetration testing, threat intelligence analysis and forensics
For more data points and additional context on the cyber security workforce gap. download the full study at www.isc2.org/research