According to statistics published in October, there are around three million vacancies in the cybersecurity industry.
The research came from (ISC)² and of 1452 survey recipients, the highest gap is in the Asia-Pacific region with 2.14 million unfilled roles, partly due to its growing economies and new cybersecurity and data privacy legislation being enacted throughout the region. This is followed by North America with 498,000 vacancies, and 142,000 and 136,000 across EMEA and Latin America respectively.
It feels like these conversations come around constantly: where are the new people coming from? Do they want jobs in cybersecurity? Is this an attractive enough industry to work in? What sort of certifications are needed? What efforts are being put into academia by industry to ensure the next generation are aware? And so on.
The truth is that there are efforts being made, but the problem continues to be reported and surveyed. Is this endemic of cybersecurity focusing too much on the problem and not on the solutions or successes?
We have seen many efforts to solve the skills issue – numerous cybersecurity challenges have been held and participants have been made aware of the career opportunities that exist (with many taking full-time jobs as a result). We’ve seen universities expand their offering beyond straightforward computer science courses, we see conferences offer special student rates and university societies producing their own conferences highlighting both internal and external research.
Despite all of this, it always feels like we dwell too much on the negative side of the issue. One effort to make a difference took place in October in London; it was an event which brought those looking for a job and those looking to hire together. It was called Cyber Recoded and as well as focusing on education around areas such as extra-curricular activities, certifications and apprenticeships, the event offered multiple opportunities for organizations to engage with the delegates.
Whilst on stage chairing a panel, I did notice in the audience several pairings of teenagers and parents, most likely there for the careers fair opportunity. This reminded me of careers fairs that I attended whilst I was preparing for GCSEs back in the early 1990s.
In one instance, I was disappointed to find that the local newspaper group had not showed up. Was I put off a career in journalism because a certain prospective employer did not show? Of course not, I managed to forge my career based on my own enthusiasm and education, but for those seeking a career in the field of cybersecurity, it does pay to keep your options broad.
The (ISC)² study found that the four areas cybersecurity professionals feel they will need to develop most, or improve on over the next two years in order to advance in their careers, include: cloud computing security, penetration testing, threat intelligence analysis and forensics. Of those four areas, pen testing and forensics remain exceedingly popular because of the offensive skills and investigative challenge that it proposes, not to mention the popularity of team contests like Capture the Flag.
Here at Infosecurity, we make our own effort to aid the next generation of cybersecurity professionals, with a section specifically dedicated to promoting future cybersecurity stars, which we launched in 2017. Since then, over 100 articles have been published by those seeking an opportunity to get their work and research distributed, and featuring those making an effort to help the next generation achieve their aims. Several next generation audio productions have been made, both as part of our Online Summit events and as a stand-alone webinar. What’s more, at Infosecurity Europe in June this year, we gathered together three of the people we have featured for a live video panel discussing getting a job.
This level of education and awareness can only be positive, as the next generation now have opportunities available to them to begin a career. The (ISC)² study found that 34% of respondents said that “unclear career paths for cybersecurity roles” was the biggest career progression challenge, but with new options for getting a job and the broad range of possibilities open to the next generation, maybe we will go some way to reducing that number and filling those three million positions.