With increased cyber security risks and attacks, the cyber security gap has been in discussion lately. It is a rising concern in the cyber security industry that skilled-labors are very less as compared to the demand and this has been predicted by cybersecurity ventures that 3.5 million cyber security jobs will remain empty by 2021. The report declares a 350% rise in cyber security jobs from 2013 to 2021.
Why this GAP in the Cyber Industry?
In the cyber security industry when a new candidate enters to upgrade their career, or wish to enter the industry, they find it very difficult to work against the experience and knowledge required, thus contributing to the view of a skills shortage. These candidates do not have the road map to start their process like where to start with applications, and find it hard to make an outstanding performance without any hand-on experience. The irony of this situation is that companies also find it incredibly hard to find entry-level talent.
Many studies have been performed to analyze the state of cyber security shortage, amongst which one of the studies was performed by (ICS) 2 cyber security workforce studies in 2019. According to the report, only 42% of respondents reported to have their first job was in a cyber security field, which concludes that most of today’s security professionals are emerging from other careers.
Also one of the highlighting feedback considering the youth in cyber security which says that 65% of the cyber security professionals are aged 25 to 44, making cyber security a group of young and energetic brains. Another encouraging point to mention about this survey was that 30% of the respondents were women. Thus cyber security fields can have candidates from diversified fields considering their background and knowledge.
A major reason increasing the complexity of the situation is the educational background. A researchers published a report report where it states that 81% of hackers are self-made, making it difficult for these candidates to write a resume in case they want to enter the cyber industry to fight against cyber crimes, and harder for employers to assess one. Also the companies hiring for cyber security professionals are not looking for fresher’s much, but need experienced people.
Solutions to fill the Gap in cyber security
Since organizations need candidates at a higher level, it becomes difficult to fill these positions (senior positions) due to more newcomers available in this field as compared to experienced candidates. There is certainly a demand for candidates at this level, but many of the roles that go unfilled are more senior. This problem is not unique to the cyber security field, as organizations that hire candidates at a junior level usually train those candidates to do the job required.
This approach decreases their time to hire and train as well as decrease the overall cost of recruiting for the role. Hopefully, it also increases retention as career progression is incredibly important to cyber security professionals. Rather than offering higher salaries, organizations should consider the essential parts of a job description and then make a call on deciding the salary.
Robert Herjavec, founder and CEO at Herjavec Group, said,
“Unfortunately the pipeline of security talent isn’t where it needs to be to help curb the cybercrime epidemic. Until we can rectify the quality of education and training that our new cyber experts receive, we will continue to be outpaced by the Black Hats.”
Expanding the job requirements can open up a new pool of workers and increase job opportunities in areas of cyber security where under employment has leached in. Areas such as neural-diversity can be considered for employment who are currently under the category of under-employment . This will also encourage Women to apply for these jobs that are often put off by these wish lists. Making a more realistic list of requirements may attract candidates who are returning to work, including women returning after a period of maternity leave. Implementation of such statistical approaches would lead to better recruitment and more awareness.
There may be other sources which can be wisely used for making the cyber world more efficient, for e.g. JPMorgan Chase hired roughly 2,100 individuals with criminal backgrounds in 2019, which was around 10% of its new hires. This allows the skills of these dark web workers to be utilized in a white background, also giving them a new start.
Adhering to the candidates who do not have cyber security experience but have a broader business skill set, also fill a critical skills gap. It becomes easy for organizations to train these candidates as they understand the wider business and can communicate in non-technical language. Organizations, in general, are limiting their talent pool by not opening up their requirements for cyber security jobs due to the skills available within the organization.
Due to the increasing cyber crime, harmonizing the demand of skills in cyber security has been suggested to become worse by the experts. The organizations will have to adhere to the hiring section, making it smooth for all diversity individuals to explore in this field and work to fight against the increasing cyber crimes in industry.
Wesley Simpson, chief operating officer with (ISC) 2, said in a formal statement
“Knowing where we stand and the delta that needs to be filled is a powerful step along the pathway to overcoming our industry’s staffing challenges”