The different challenges for new cybersecurity hopefuls
We’ve talked about the serious gap in IT and cybersecurity positions currently plaguing modern organizations. Though the total estimation of added Cybersecurity professional careers reached its highest point, the global shortfall of workers is still impacting tech-centric organizations abroad. Stated from the 2023 Cybersecurity Workforce Study: “Conversely, the global workforce gap continues to grow even faster: The gap grew by 13% from 2022, which means that in 2023 there are roughly 4 million cybersecurity professionals needed worldwide (Page 4),” meaning new entries into the field are not enough to make up the gaps in an overall global market.
This is in contextual relation to the growth of new jobs added to the Cybersecurity workforce (or careers adjacent to cybersecurity), which did see one of its highest rates of new professionals – estimated to be 5.5 million according to the same ISC2 2023 study. So, in other words, while yes, new minds are finding potential careers in IT Cybersecurity, the global shortfall is still ever present. And the reasons for this go well beyond diminished interest or lack of financial potential.
Aside from one of the most hostile threatscapes and difficult security environments professionals have ever observed, it’s the herculean requirements also enforcing barriers to new hopefuls.
Minimum experience required
It’s the same disheartening story people face when seeking professions to support themselves. “Entry level” jobs with optimistic prospects are laden with intensive experience and education backgrounds, thus contradicting “entry level.” And in the IT and cybersecurity sector, that’s also a trend.
Even when dangling a job market with handsome financial rewards and securities, new hopefuls encounter a challenging road. For one, serious positions require an established education background, even basic IT and cybersecurity jobs. Coursera, citing the online job platform Zippia, discovered that at minimum 56 percent of cybersecurity professionals at least had a bachelor’s degree.
Of course, it is an understandable requirement. Cybersecurity is a complex field fitting numerous specialties, categories, and positions. Onboarding staff without comprehensive skillsets and training is detrimental to a business; simply adding staff vaguely fitting the “cybersecurity” definition does not guarantee healthy security posture.
But in the same vein, its lofty barriers to starter Cybersecurity positions creating a dilemma. Organizations need expert staff, but their requirements keep out said professionals. If the 2023 ISC2 study stays consistent, the global shortage gap for cybersecurity professionals will continue to widen.
Naturally, standards for high-level positions are established for a reason. Cybersecurity Managers, for example, have numerous responsibilities governing a business’ security strategy. Even smaller positions like a Jr. Security Analyst require a degree, several IT/cybersecurity certifications, and depending on the enterprise 1-2 years of IT experience.
Outpaced by technology
In 2019, Burning Glass wrote a comprehensive study: Recruiting Watchers for the Virtual Walls. It’s been a central reference point regarding the growth of cyber-adjacent positions and our inability to fill them at a national and global level. Even back then, the study pointed out roughly 6 in 10 jobs are “cyber enabled,” (page 19), adjacent to services, technology, and roles requiring some form of cybersecurity.
Compounding these requirements is technology and its rapid growth. Technological tools are an invaluable resource for personal and professional reasons, expediting workflows and connecting staff. For instance, a 2022 analysis conducted by the US Chamber of Commerce found “ninety-three percent of today’s small business owners report using at least one type of technology platform to help run their business.” Remote tools, apps, tech and software was also incremental in keeping smaller businesses afloat during the height of the COVID-19 pandemic.
But while tech has a positive impact on growth and accessibility, it creates new attack surfaces and potential nodes of intrusion. The more an enterprise is reliant on tech, the greater its need to monitor resources and protect IT infrastructure is.
Thus, the problem balloons: tech-reliance grows and increases productivity but securing this tech and IT infrastructure needs cybersecurity expertise. Since it is harder for cybersecurity hopefuls to enter the field due to rigorous requirements, gaps in staff fulfilment form.
Navigating the problem
The tech industry and organizations abroad sit in a precarious place. Relaxing requirements for cybersecurity professionals can put more eyes on a problem. But insufficient skillsets only worsens IT issues and backfires in the long-term.
Organizations therefore confront the challenge of integrating needed staff, managing tech, and running normal business operations. New prospects also face a challenging road ahead when seeking new careers in cybersecurity. Therefore, establishing a cohesive middle ground to deal with the challenges of IT stability is important. Not just to address gaps in staff, but to lessen the gap of demand versus new cybersecurity jobs.
For example, some organizations utilize third-party services and managed service providers to fill the blank spaces in their staff. An MSP, for instance, provides expertise and access to resources otherwise absent in a tech-reliant business. However, it’s up to organizations to understand their relationship with business technology and cybersecurity resources. If they need to secure IT and improve security, a careful balance is needed.
For now, entering the cybersecurity field proves challenging. While long-term demand is guaranteed, hopefuls are still presented with an array of requirements.
If you’re experiencing shortfalls in staff and need additional IT coverage, consider third-party services. Contact Bytagig today for additional information.