The cybersecurity industry is in a state of disrepair. Human resource problems are growing which put the efforts to secure technology at risk, due to insufficient staffing, skills, and diversity.
The need for talent is skyrocketing, but there aren’t enough qualified workers to meet the current or future demands. By 2017 prospective hiring organizations may have upwards of 2 million unfilled security related positions. With supply low and demand high, prices rise quickly. Security roles benefit on average from a $12,000 pay premium over other computer related jobs. Job growth in the digital security field outpaced IT positions by double and twelve times the rate of the overall job market. As a consequence, hiring companies are becoming very creative in their attempts to attract talent. Industry headhunting practices are more aggressive and prolific to meet the demand. Companies must not only deal with the challenges of hiring, they must also maneuver carefully to retain the professionals they currently have.
To add to the problem is a lack of diversity. The industry needs greater inclusion of more diverse people who infuse new ideas, innovation, and practices. Without an expanding range of perspectives, the industry remains encumbered by traditional thinking. It becomes limited by the boundaries imposed from homogenous experiences, while the threats evolve and blossom in both size and depth of imagination.
Lastly, graduates lack consistency and applicability of skills. Cybersecurity is a rapidly changing field, requiring student’s growth and knowledge to keep pace with relevant methods, technology, and practices. The education system is facing tremendous challenges to reliably prepare the next generation of cybersecurity professionals to be able to protect the digital world we want to live in.
To correct the problem, the industry needs to attract a broader pool of students, including women and underrepresented minorities, to sufficiently meet demand and infuse varied perspectives into the workforce. Academia must align education practices to deliver higher levels of consistency and timeliness of skills in high demand for a rapidly evolving employment landscape. Only then will we achieve a sustainable position to create the future generations of cybersecurity professionals necessary to protect technology.
I recently spoke at the ICT Educator Conference and highlighted the workforce challenges, the need for more diversity, and how Intel is working to improve the academic pipeline. One of the highlights I discussed was Intel’s $300 million investment in diversity. It is a great example of how a corporation can make a difference in the hiring, progression, and retention of a diverse workforce, contribute to building a sustainable flow of talent, and directly support other organizations doing the same. Finally, I discussed how academia is shifting to build a formal degree program for cyber-science related fields. This will ease the frustrations of hiring organizations by improving the consistency of skills supported by applicants’ degrees.
There is much work to be done, but efforts to fix the workforce and talent issues are necessary for the benefit of everyone. Teamwork between educators, government, and the business community is the only way we will overcome the human resource challenges impeding cybersecurity.