The cybersecurity field is lacking hundreds of thousands of workers - and this new research shows us why

News
By
published

Do people just not want to work, or are companies too picky with their requirements?

Small Business office
(Image credit: Getty Images)

New research from ISACA shows that businesses are facing increased risk from the cyber skills gap.

The report comes in light of the fact that Europe is currently facing a shortage of between 260,000 to 500,000 skilled cybersecurity workers, and with cyberattacks fast becoming a daily occurrence for businesses, the report shows that over three-quarters (78%) of security leaders believe most organizations are under-reporting the attacks they experience.

 With over half (52%) of organizations experiencing more cyberattacks than last year, it has never been more important to have a robust cyber defense. However, 62% of leaders in the cybersecurity field say that their teams are understaffed, and only an astounding 41% have a high level of confidence in their teams ability to handle cyber threats.

Retention, training, and upskilling

These statistics signal just how dire the cyber skill landscape is - but things are starting to improve. Compared to 2022, staffing within the cybersecurity field has marginally increased, up from 34% of respondents describing their team as ‘appropriately staffed’, to 36% in 2023.

Around a third of respondents (34%) said most of the vacant positions within their cybersecurity team were at the lowest level, individual contributors/technical cybersecurity. Contrast this with the type of positions that are unfilled - 50% non-entry-level compared to 21% entry-level - and it's understandable how this crisis has come to be.

Entering the field of cybersecurity requires not only experience, but also qualifications, which companies are hesitant to invest in due to the current crisis in retention. However, if you are looking to work in this field, there are some key skills that are sure to get you hired, with identity and access management (IAM); cloud computing; data protection; incident response; and DevSecOps all named as vital.

There are also key soft skills that are highly desirable within the industry as a whole, such as; communication; critical thinking; problem-solving; teamwork; and attention to detail. 

“If businesses are to maintain their cyber resilience in an ever-evolving threat climate, we must encourage and nurture talent in the cybersecurity industry.” said Chris Cooper, member of ISACA’s Emerging Trends Working Group, “Employers are looking for people who already have hands-on experience, but we will only enable people to build that experience by creating more entry-level roles and investing in the right training and development for everyone in the industry, from the ground up.” 

More from TechRadar Pro

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.