The global cybersecurity industry is facing a significant challenge in filling critical roles, with over 40% of companies struggling to find qualified professionals. This shortage is particularly acute in information security research, malware analysis [1] [2] [3], security operations center (SOC) [2] [3], security assessment [2] [3], and network security [2] [3].
Description
A recent study has highlighted the global struggle of over 40% of companies to fill critical cybersecurity roles, particularly in information security research and malware analysis [1] [2] [3]. This shortage is most pronounced in Europe, Russia [2] [3], and Latin America [2] [3]. Additionally, roles in security operations center (SOC) and security assessment and network security are also understaffed [2] [3], with rates around 35% and 33%, respectively [2] [3]. The Asia-Pacific region faces a significant shortage of SOC experts, while the Middle East [2] [3], Turkey [2] [3], and Africa lack security assessment and network security analysts [2] [3]. Despite this [2] [3], only 32% of vacancies for threat intelligence roles are reported. The government sector has the highest demand for cybersecurity professionals, with 46% of required roles remaining unfilled [2] [3]. The telecom and media sectors follow closely behind with a 39% understaffing rate [2] [3], while retail and wholesale [2] [3], and healthcare sectors have a 37% vacancy rate [2] [3]. Even industries with fewer vacancies [2] [3], such as IT (31%) and financial services (27%) [2] [3], are still experiencing shortages. To address this issue, experts recommend offering high salaries, better working conditions [2] [3], bonus packages [2] [3], and investing in up-to-date training [2] [3]. However, the rapid evolution of the IT market in certain developing regions outpaces the labor market’s ability to educate and train specialists with the necessary skills and expertise in a timely manner [2] [3]. Developed economies and matured businesses report lower rates of InfoSec professional shortages. A comprehensive approach [2] [3], including recruitment efforts [2] [3], training investments [2] [3], and technological solutions [2] [3], is needed to strengthen cybersecurity resilience against evolving threats [2] [3].
Conclusion
The shortage of cybersecurity professionals has significant implications for global security. To mitigate this issue, it is crucial to offer competitive salaries, improve working conditions [2] [3], provide bonus packages, and invest in training programs. The rapid evolution of the IT market in developing regions poses a challenge in educating specialists with the necessary skills. Moving forward, a comprehensive approach that includes recruitment efforts [2] [3], training investments [2] [3], and technological solutions is essential to enhance cybersecurity resilience against evolving threats [2] [3].
References
[1] https://vmblog.com/archive/2024/02/21/kaspersky-finds-almost-half-of-companies-struggle-with-understaffing-infosec-experts.aspx
[2] https://www.infosecurity-magazine.com/news/40-firms-struggle-cybersecurity/
[3] https://ciso2ciso.com/over-40-of-firms-struggle-with-cybersecurity-talent-shortage-source-www-infosecurity-magazine-com/