Cybersecurity Talent Crunch To Create 3.5 Million Unfilled Jobs Globally By 2021

Posted at 03:01h in by cybercrimemag in Reports

350 percent growth in open cybersecurity positions from 2013 to 2021

The 2019/2020 Official Annual Cybersecurity Jobs Report is sponsored by Herjavec Group, a leading global cybersecurity advisory firm and Managed Security Services Provider (MSSP) with offices across the United States, Canada, and the United Kingdom.

– Steve Morgan, Editor-in-Chief



Sausalito, Calif. – Oct. 24, 2019

The New York Times reports that a stunning statistic is reverberating in cybersecurity: Cybersecurity Ventures’ prediction that there will be 3.5 million unfilled cybersecurity jobs globally by 2021, up from one million positions in 2014.

The cyber employment figure has been corroborated by hundreds of media outlets, including the world’s largest, as well as industry associations, universities, governments, vendors, recruitment firms, and security experts, since our original report was published in May 2017.

Soon after our employment data was released, the World Economic Forum (WEF) republished an article with permission from Knowledge@Wharton, the online research and business analysis journal of the Wharton School of the University of Pennsylvania, which shared our report, and observed “nowhere is the workforce-skills gap more pronounced than in cybersecurity.”

Earlier this year, the Harvard Business Review shared our report, and summed up the plight: “The majority of chief information security officers around the world are worried about the cybersecurity skills gap, with 58 percent of CISOs believing the problem of not having an expert cyber staff will worsen.”

Cybersecurity Ventures arrived at our original estimation of unfilled positions after reviewing and synthesizing dozens of employment figures from the media, analysts, job boards, vendors, governments, and organizations globally. In 2019, we’ve conducted similar research, and we stand firmly behind the two-and-a-half-year-old prediction.

Over the eight-year period tracked, the number of unfilled cybersecurity jobs is expected to grow by 350 percent, from one million positions in 2013 to 3.5 million in 2021. And of the candidates who are applying for these positions, fewer than one in four are even qualified, according to the MIT Technology Review.

Despite industry-wide efforts to reduce the skills gap, the open cybersecurity headcount in 2021 will be enough to fill 50 NFL stadiums. A Forbes Technology Council post states that the number would be in the top 100 for the size of work populations of countries worldwide — not just industries.

Every IT position is also a cybersecurity position now. Every IT worker, every technology worker, needs to be involved with protecting and defending apps, data, devices, infrastructure, and people.

“It’s a full-on war for cybertalent” one industry veteran who specializes in recruiting and placing senior-level information security executives told the Los Angeles Times.

Robert Herjavec, founder and CEO at Herjavec Group, said, “Unfortunately the pipeline of security talent isn’t where it needs to be to help curb the cybercrime epidemic. Until we can rectify the quality of education and training that our new cyber experts receive, we will continue to be outpaced by the Black Hats.”

“There is a zero-percent unemployment rate in cybersecurity and the opportunities in this field are endless,” added Herjavec. “Gone are the days of siloed IT and security teams. All IT professionals need to know security – full stop. Given the complexity of today’s interconnected world, we all have to work together to support the protection of the enterprise.”

Numerous pundits from industry associations and vendors have chimed in on the cybersecurity jobs dilemma, with adjustments to shortfalls in their previous estimates, which now align more closely with Cybersecurity Ventures’ steady forecast.

ISC(2), an international, nonprofit membership association for information security leaders, produced research in 2018 which estimated the cyber worker shortage at nearly 3 million — on the heels of a report they put out just a year earlier, which stated a drastically lower 1.8 million figure by 2022.

Members of the ISC(2) leadership team recently posted a blog on their website which states “the cybersecurity skills shortage is expected to result in 3.5 million unfilled positions by 2021” (according to Cybersecurity Ventures via Forbes) — which underscores ISC(2)’s alignment to our research.

“By Cybersecurity Ventures’ predictions, and we agree from everything we see, there will be 3.5 million unfilled cybersecurity jobs in the next couple of years worldwide,” said Mark Aiello, a cybersecurity recruiting expert and representative for the eastern Massachusetts chapter of ISC(2) at a recent cybersecurity conference held in Boston.

Our estimate has solidified as the de facto figure which the cybersecurity industry and the media relies upon for projected job openings.

WIRED highlights our jobs data in a recent story and concludes that despite looming threats of an ever smarter and technologically advanced hacking landscape, the security industry is not resourced to fight hackers or AI-powered exploits.

A Forbes Business Development Council post asserts that if you aren’t prioritizing hiring or training for IT security in 2019, then it’s time to rethink your company’s core priorities. If you agree, then read on…

The editors at Cybersecurity Ventures have compiled the most important facts, figures, statistics, and predictions to help frame the global cybersecurity labor shortage, and what is being done in an attempt to close the gap.

UNFILLED JOBS

No matter how you crunch the numbers, there’s a huge need for cybersecurity workers over the next decade.

Out of the 3.5 million open cybersecurity positions expected by 2021, Cybersecurity Ventures estimates more than 2 million openings will be in the Asia-Pac region, and nearly 400,000 will be in Europe.

The U.S. has a total employed cybersecurity workforce consisting of 715,000 people, and there are currently 314,000 unfilled positions, according to Cyber Seek, a project supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology (NIST) in the U.S. Department of Commerce.

Members of the CNBC Tech Council put the number of U.S. technology job openings at 700,000 to 1 million over the past 12 to 24 months. Based on those figures, cybersecurity positions made up 32-45 percent of all U.S. tech job openings.

At the end of 2018, there were more than 26,000 openings for cybersecurity analysts in the U.S.

Cybersecurity isn’t alone in the labor crunch, although it’s one of the hardest hit STEM fields. Between 2017 and 2027, STEM jobs will grow 13 percent, compared to 9 percent for all other jobs. However, it was estimated that in 2018, 4 million STEM jobs in the U.S. went unfilled.

U.S. METROS

There are many new initiatives across the U.S. that are aimed at bolstering our nation’s future pipeline of cybersecurity candidates.

INTERNATIONAL

Help Wanted: Cybersecurity experience preferred. This is the consistent theme across regions globally.

TRENDS

If there’s one trend that everyone can agree on, it’s that cybersecurity is a fast-growing market with tremendous career opportunities.

YOUTH MOVEMENT

We need to encourage and nurture our K-12 and college students to become future cyber fighters.

COMPENSATION

Cybersecurity is a highly respected and well-paying occupation, from entry-level positions up to chief information security officers.

WOMEN IN CYBERSECURITY

Women know cyber, and we need more of them in the cybersecurity industry. Their talents and contributions are essential to the well being and safety of the world.

CERTIFICATIONS

Here are 10 hot security certifications for IT workers in 2020, compiled by the editors at Cybercrime Magazine:

JOB SEEKERS

Five resources for cybersecurity job seekers:

The editors at Cybercrime Magazine maintain a catalog of cybersecurity career related stories that feature research from Cybersecurity Ventures. This is a useful resource for job seekers, hiring managers, HR chiefs, search firms, recruiters, and market watchers.

“30 years ago I had no idea a career in cybersecurity was even possible. Today it’s the hottest industry to be a part of and the resources are available, at your fingertips, to learn more and engage,” says Herjavec Group’s Robert Herjavec. “This is an ever-evolving industry, and the demand for incredible talent with varying skills — from coding, to analysis, to hunting to technical expertise in a particular technology discipline, to consultation … it isn’t slowing down anytime soon. What are you waiting for?”

Download a PDF version of this report.

– Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.

Our Sponsor

At Herjavec Group, cybersecurity is what we do. Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. We have expertise in comprehensive security services including Managed Security Services & Professional Services (Advisory Services, Identity Services, Technology Implementation, Threat Management & Incident Response). Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.