What does the future hold for the cybersecurity workforce?

Written by: ISC2
Published on: 27 May 2021

There is little question that the cybersecurity sector is inconstant flux. Security threats are constantly evolving, as are the skills needed to keep on top of them. There has also been a growing gap between supply and demand of skilled personnel. With the exception of last year, the cybersecurity skills gap has been growing, far outstripping the number of people working in the sector. Even with the narrowing of the gap last year, there is still a disparity of 3.12million between the number of people actively working in the sector and the total number of skilled roles needed to fully satisfy organisational demand and the wider cybersecurity needs of society.

Also consider the significant demands being placed on cybersecurity professionals in their day-to-day roles. Even these have changed markedly in the last 18 months, with the impact of COVID-19 lockdowns causing unprecedented workplace disruption and triggering mass remote working across much of the globe. To facilitate this, cybersecurity professionals have been at the forefront of delivering digital transformation changes – often on less than a week’s lead time – in order to keep businesses open and trading. Many were pulled out of their normal roles and had a wide range of skills put to the test. It raises questions about workplace contentment, career development opportunities and whether practitioners are getting access to the continuous development and education they need in order to deal with a constantly evolving job role and threat landscape.

How has your career been impacted? How has your organisation changed? How has your work evolved?

In order to answer these and other questions, (ISC)2 conducts the Cybersecurity Workforce Study, its biggest annual research programme. The survey collects data from thousands of security professionals at all levels, drawn from small, medium and large organisations throughout Europe, North America, Latin America (LATAM) and the Asia-Pacific region (APAC).

The study seeks to establish the current makeup of the workforce, with an eye to the challenges they face, skills they need to develop, job satisfaction, salary benchmarks, team composition, views on the value of certifications for staff and leadership, hiring trends and future organisational needs. On top of this, it provides the data needed to calculate a variety of important industry metrics including the size of the workforce, the size of the cybersecurity skills gap and the geographic composition of the industry.

Now more than ever, we need your input in this study so we can understand and document the current state of the industry, especially given the considerable disruption being experienced and the substantial demand for skilled professionals. Doing so will allow us, as well as anyone viewing the research – from organisations, governments to the media – to foster conversations and inform decision making across the future of cybersecurity training, skills development, hiring priorities, service development and other wider investment, policy and resource decisions.

We need to hear from cybersecurity professionals, (ISC)² members and non-members, representing all regions globally.

You can participate in the study here

The results will be published towards the end of the year and we look forward to sharing the findings with the whole cybersecurity sector. Thanks for taking part and sharing your insights.