Global Cybersecurity Workforce Expands by 25% in 2020, (ISC)² Reveals

• Researchers report year-over-year reduction in the cybersecurity workforce gap
• The ranks of the cybersecurity profession have grown to 3.5 million infosec professionals (700,000 or 25% more than last year’s workforce estimate)
• Staffing in the field still needs to grow by approximately 41% in the US and 89% worldwide, meaning the talent gap remains a concern
• The average annual cybersecurity salary is highest in North America, at $112,000
• Cloud computing security is the most in-demand skillset

A study by the International Information System Security Certification Consortium, or (ISC)² reveals that, for the first time in years, the global pool of cybersecurity professionals is widening, while the skills gap is narrowing.

The nonprofit association this week released its 2020 Cybersecurity Workforce Study, which enlisted 3,790 respondents across 14 geographies. The respondents dedicate at least 25% of their time to cybersecurity tasks.

The study was designed to “accurately assess the size of the current cybersecurity workforce and the challenges and opportunities they face,” according to the press release.

The study reveals, for the first time in recent history, a year-over-year reduction in the cybersecurity workforce gap. The researchers partly pin it on the increased entry of talent into the field and uncertain demand due to the economic impact of COVID-19.

Then the study reveals an even more optimistic result – that the ranks of the cybersecurity profession have grown substantially, to 3.5 million infosec professionals. That’s 700,000 professionals, or 25% more than last year’s workforce estimate, according to the report.

The research further unveils a corresponding decrease in the global workforce shortage, now down to 3.12 million from the 4.07 million shortage reported last year.

While the data is encouraging, (ISC)2 analysts insist that staffing in the field still needs to grow by approximately 41% in the US and 89% worldwide, meaning the talent gap remains a concern.

As for the impact of COVID-19, the data shows that 30% of cybersecurity professionals faced a deadline of a day or less to transition their organizations’ staff to remote work and secure their newly transformed IT environments.

In a rather questionable uncovering, 92% of those surveyed reportedly indicated that their organization was “somewhat” or “very” prepared to respond, and just 18% saw security incidents increase during this time. These findings are at odds with the results from several studies focusing on the infosec community’s response to the pandemic, including Bitdefender’s own research from May, when half of the IT pros we polled confessed they’d been caught off guard by COVID-19. 86% of respondents in our survey also said cyber attacks were on the rise during the pandemic.

Other findings include:

• Job satisfaction rates increased year-over-year, with 75% of respondents saying they are “somewhat” or “very” satisfied
• The average annual cybersecurity salary is highest in North America, at $112,000
• 56% of respondents say their organizations are at risk due to cybersecurity staff shortages
• Cybersecurity practitioners are concerned that revenue losses related to COVID-19 will affect security budgets
• 23% said that they or a peer had been laid off as a result of the pandemic
• 78% of cybersecurity professionals who still need to work from an office say they are “somewhat” or “very” concerned about their personal safety in relation to COVID-19
• Cloud computing security is far and away the most in-demand skillset, with 40% of respondents indicating they plan to develop it over the next two years
• Just 49% of those in the field hold degrees in computer and information sciences, highlighting the fact that many of the professionals responsible for cybersecurity come from other areas of expertise

The full report is available at: https://www.isc2.org/Research/Workforce-Study.