November 9, 2023 at 10:06AM
The cybersecurity skills gap, estimated at 3.4 million worldwide, cannot be resolved through traditional higher education channels. Instead, organizations need to recruit from related professions or individuals with relevant soft skills. However, organizations are currently competing for limited resources, potentially leading to a transient workforce and hindering stability and resilience. Encouraging non-skilled applicants without proper support can also backfire. Training is crucial, but organizations are hesitant to invest due to volatility in the job market. Initiatives offering free courses help but fall short of demand. Targeted training in high-demand areas can help stabilize the sector.
The meeting notes highlight the cybersecurity skills gap, which is estimated to be 3.4 million worldwide. It is stated that relying on higher education alone is not enough to resolve this issue. It is suggested that recruiting individuals from related professions or with relevant soft skills could help address the gap. However, organizations are currently competing for resources from a small pool of people, which may threaten security initiatives and create a transient workforce.
Encouraging non-skilled applicants without adequate provision can also have negative consequences. A UK government report found that many cyber-sector companies employ staff without the necessary skills, leading to prolonged vacancies and the inability to meet business goals. Many roles in the cybersecurity field require specialist skill sets or several years of experience. Even if high-potential individuals are recruited, it would take time for them to upskill to the required standard.
Investing in training is another hurdle, as organizations fear that trained staff may become flight risks. However, a survey conducted by (ISC)2 found that most cyber professionals undertake certifications to improve their skills or stay up to date, rather than solely to find new job opportunities. Initiatives such as free courses and exams offered by organizations like (ISC)2 and universities can help, but more targeted training is needed.
The implementation of cyber career pathways in the US, UK, and Europe has provided a clearer understanding of the skills required for specific roles. However, more attention should be given to the roles in highest demand to prevent destabilization. Cybersecurity professionals are expected to continuously undertake demanding qualifications throughout their careers, as they are responsible for the safety of organizations’ data. Providing necessary tuition and identifying roles in crisis could make a significant difference in solving the skills gap.