In a January 2023 article, Forbes highlights the growing skills gap in cybersecurity, pointing to research from Cybersecurity Ventures that reveals a global 3.5-million-person shortage in the sector, marking a 350% increase in the past decade.
This shortage, according to Computer Weekly – citing numbers that come by way of research from cybersecurity firm Trellix– is fueled by the workforce’s frustrations with the profession, with 47% feeling as though their place of work offers them “limited promotion and development opportunities,” 35% citing a “lack of a clear career path,” and an additional 34% blaming a “lack of management support” as a cause of their dissatisfaction.
Table of Contents
Why is the cybersecurity skill gap widening?
Cybersecurity professionals’ growing unease with the profession contributes to the talent shortage in two key ways. Firstly, they are leaving for (often higher-paying) roles at other companies, resulting in skills gaps for specific organizations.
The other is more far-reaching, with nearly one-third of cybersecurity employees planning to leave the profession entirely, portending a stark new reality to which organizations must adapt to stay competitive by attracting and retaining top-quality candidates.
What can you do to close the cybersecurity skills gap?
Bridging the cybersecurity skills gap requires a deep understanding of the cybersecurity skills that are currently in demand and valuable. That understanding will help you develop recruitment and training initiatives, as well as cultivate plans for employee development that will work to engage and satisfy employees in the face of a global talent shortage.
What skills are most in-demand for cybersecurity?
The field of cybersecurity is constantly evolving, and the demand for specific skills may change over time. The following, however, are the three key areas of cybersecurity skills that are currently in demand, as well as a bit of insight into why they are perceived as so valuable. We’ll also take a look at common certifications that prove expertise in each.
Governance, risk management and compliance
Governance, risk management, and compliance skills refer to the abilities to establish effective organizational structures, identify and assess potential risks, and ensure adherence to legal and regulatory requirements. These skills involve developing frameworks, implementing controls, and maintaining compliance with the aim of mitigating risks and promoting ethical and responsible behavior, with the following certifications among those that prove expertise in the area:
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Auditor (CISA)
- Certified in the Governance of Enterprise IT (CGEIT)
- Certified Compliance and Ethics Professional (CCEP)
- Certified Internal Auditor (CIA)
Why are governance, risk management and compliance skills valuable in 2023?
Governance, risk management and compliance skills are crucial for navigating challenges in a dynamic business environment that faces:
- Evolving regulations that require organizations to stay updated and compliant to avoid penalties and legal issues
- Growing cyber threats that demand effective risk management to protect sensitive data and preserve operational continuity
- Business continuity needs that call for robust risk management practices in place to ensure uninterrupted operations during disruptions or crises
With the increasing adoption of cloud technologies, knowledge of securing cloud platforms, such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform, – as well as a deep understanding of cloud architecture, identity and access management (IAM), and secure configuration. Such candidates may possess the following certifications:
- Certified Cloud Security Professional (CCSP)
- AWS Certified Security – Specialty
- Microsoft Certified: Azure Security Engineer Associate
- Google Cloud Certified – Professional Cloud Security Engineer
- Certified Cloud Security Specialist (CCSS)
Why are cloud security skills valuable in 2023?
Cloud security skills are valuable in 2023 because organizations increasingly rely on cloud infrastructure for data storage and application hosting. Employees with cloud security skills help organizations:
- Protect data, applications, and infrastructure in the face of evolving threats and vulnerabilities
- Comply with data privacy regulations that safeguard sensitive information stored or processed in cloud environments
- Perform identity and access management in an era when remote work has become commonplace
Network security skills rely on a strong understanding of network protocols, firewalls, intrusion detection systems (IDS), and virtual private networks (VPNs). Knowledge of network traffic analysis, packet inspection, and network segmentation techniques is also highly valued. Sought-after certifications in network security include:
- Certified Information Systems Security Professional (CISSP)
- Certified Network Defense Architect (CNDA)
- Certified Network Security Professional (CNSP)
- Cisco Certified Network Professional Security (CCNP Security)
- CompTIA Security+
Why are network security skills valuable in 2023?
Network security skills are valuable in 2023 due to the growing complexity of networks and the rise of cyber threats. Network security skills help organizations:
- Increasingly rely on remote work and cloud technologies that can be prone to security risks
- Work with a growing number of IoT devices that may introduce vulnerabilities and potential entry points for cyberattacks
- Ensure the uninterrupted operation of essential systems and services in the face of evolving and sophisticated cyber threats
How can you manage and track cybersecurity skills?
You can effectively manage and track cybersecurity skills by taking several proactive measures, including but not limited to:
- Conducting skills assessments to evaluate existing cybersecurity capabilities
- Developing competency frameworks aligned with industry standards
- Providing opportunities for continuous skill development through training
- Utilizing skills management software to monitor progress and identify skill gaps
Skills management software in particular can help organizations stay up-to-date with the latest cybersecurity threats and technologies, and identify areas for further skill development — ultimately improving organizational security and reducing the risk of cyberattacks.
Additionally, you can make use of our free cybersecurity skills matrix template, which is populated with many of the most common cybersecurity skills your organization needs to thrive.
With it, you will receive a clear overview of the skills that are present in your organization, as well as those that are missing. Using this information, you can develop and implement a plan to ensure that your employees’ skills are up-to-date, comprehensive, compliant, and ready for the future.
What are organizations doing to overcome the cybersecurity skills gap?
Proact is one of Europe’s leading independent data centers and cloud service providers. It helps businesses and authorities cut costs and reduce risks while boosting their flexibility, productivity, and efficiency.
To effectively manage cybersecurity skills, Proact uses AG5’s skills management software to replace cumbersome Excel and Sharepoint files with a centralized system that links software manufacturers’ requirements to staff certifications. This ensures that Proact assigns the right employees to the right projects at the right times – all while managing skills and certifications from within the AG5 app.
Read the Proact case study for the full story. In doing so, you’ll gain a better understanding of exactly how AG5 can transform the way you approach cybersecurity skills management.
Ready to get started with cybersecurity skills management?
If you’re ready to take the next step toward taking control of cybersecurity skills in your organization, schedule a free, live, 15-minute demo of AG5’s skills management software today. There, you’ll have a front-row seat to watch AG5 in action.