During the height of the pandemic, “superhero” was the truest description for who our
healthcare workers are and the work they do. They indisputably save lives. Now, a threat of
a different kind is spreading, so a new hero has emerged: the cybersecurity professional.
They’re not saving lives in a literal sense, but they’re protecting us all the same.
As our global society embraces more complex and innovative ways of using technology,
criminals are using that same technology maliciously. The threat is so urgent, and the need
for cyber workers is so critical, that the White House established the National Cyber
Workforce and Education Strategy (NCWES) to address both the immediate and long-term
cyber workforce needs. Just as there was, and still is, a shortage of healthcare workers,
there are not enough cyber professionals on the front lines.
The Cyber Talent Gap And Why It Persists
As someone who specializes in recruiting tech talent, I see the reality of this labor shortage
play out day after day. Our clients desperately need cyber talent, and we’re fervently
working to deliver. But this isn’t a problem a single person or entity can fix. Research shows
the gap between global demand and cyber workforce capacity in 2022 was estimated at 3.4
million people, a 26% increase over the previous year. Meanwhile, Gartner predicts that by
2025, more than half of significant cyber incidents will come from a lack of talent as well as
general human error.
The gap is unmistakable. Right now, demand for cybersecurity workers outpaces supply.
And as the prevalence of attacks increases, organizations need robust teams to prevent
them. But this delta isn’t just a matter of headcount. There’s also a worrisome diversity gap.
Data reveals only 9% of the cyber workforce is Black, 4% is Hispanic and 8% is Asian.
Additionally, fewer minorities hold leadership roles despite being highly educated.
While there are academic programs and boot camps to train the next generation of cyber
talent, they’re not churning out graduates quickly enough to keep pace. Additionally, non-
traditional talent find it difficult to access certification programs, and four-year degree requirements and in-office mandates further alienate diverse talent or remove them from
consideration.
For those who do make it into the field, they’re often inundated with heavy workloads and
forced to work long hours. They also endure high-pressure environments where, if an
attack does occur, cybersecurity teams are left singularly responsible. All of this leads to
significant burnout within the industry.
Closing The Delta Between Cybersecurity Supply And Demand
The White House’s NCWES is a great starting point for addressing the wide delta between
talent supply and demand. The plan’s four pillars reflect a smart approach for beginning to
solve this issue in the long term.
1. Equip every American with foundational cyber skills.
Inherent to this pillar is the directive to encourage people to pursue careers in
cybersecurity. We want every person who envisions a future in the field to believe they can
achieve it. However, representation is key here. People can’t be what they can’t see, and to
best address the looming threat of cyber attacks, we need varied perspectives and ideas at
the table. Companies must make a concerted effort to hire those with the skills to perform
entry-level roles but ensure there’s diversity across leadership and management levels.
2. Transform cyber education.
A core tenet of closing the talent gap is making cybersecurity training more affordable and
accessible. This is often the biggest barrier to entry for talent, especially those who aren’t
able to attend a traditional four-year university. If academic institutions, secondary schools,
and organizations can collaboratively find ways to offer more free or low-cost certification
courses, cybersecurity talent can develop earlier and hone their skills so they can enter the
workforce quickly.
3. Expand and enhance the national cyber workforce.
To diversify the cyber workforce, employers, staffing organizations, and other partners
must embrace a skills-based approach to hiring. It’s imperative that organizations create
learning pathways for talent to grow and progress in their careers. Requiring a laundry list of qualifications and requirements for every role will significantly limit employers’ talent
pools. By removing four-year degree requirements and hiring for skills, they can bring in
more diverse talent faster.
4. Strengthen the federal cyber workforce.
Opening up jobs and career paths at the federal level will provide another avenue of
employment for cyber talent. While federal work isn’t for everyone, by practicing what they
preach, our government is living out its commitment to driving progress and improving
access. This also opens the door for collaboration, grants, and other resources.
Public-Private Collaboration Is Necessary
Cybersecurity threats are real, and we’re all at risk. The more heroes we have on the front
lines, the safer we’ll all be. But it’s important to remember that the cyber workforce gap is
not the responsibility of a singular entity. A true partnership between government entities,
academia, and the private sector is necessary to align educational programs with industry
needs, share best practices, and create a robust, agile, and diverse cybersecurity
workforce.
“The Quest To Close The Cybersecurity Talent Gap” originally appeared on Forbes.com