Workforce shortage impacts 85% of organisations’ cybersecurity posture

Bryan Palma, Chief Executive Officer at Trellix
Bryan Palma, Chief Executive Officer of Trellix

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), conducted new research into the talent shortage afflicting the cybersecurity industry.

Among the key findings, 85% of those surveyed believe the workforce shortage is impacting their organisations’ abilities to secure increasingly complex information systems and networks. Of the current workforce, 30% plan to change professions in the future.

What were Trellix’s thoughts on the study?

“Our industry is already 2.72 million people short. Cultivating and nurturing a cybersecurity workforce for our future requires expanding who we view as talent and changing our practices across the public and private sectors,” said Bryan Palma, CEO of Trellix.

“Closing the cybersecurity talent gap is not only a business imperative, but important to national security and our daily lives. We need to remove barriers to entry, actively work to inspire people to do soulful work and ensure those in the field are retained,” Bryan said.

What were the survey’s insights?

The findings are based on a Vanson Bourne survey, commissioned by Trellix, of 1,000 cybersecurity professionals in Australia, Brazil, Canada, France, Germany, India, Japan, the United Kingdom and the United States of America across a variety of sectors.

More Education is Needed

As threats from cybercriminals grow in sophistication, the shortage of cybersecurity experts grows as well. While some countries like Russia and China invest in nurturing cybersecurity talent through state-funded education, many nations are without dedicated programs.

Trellix sought to understand education levels and found over half (56%) believe that degrees aren’t needed for a successful career in cybersecurity. The survey also found:

  • Support for development of skills (85%) and the pursuit of certifications (80%) were selected as extremely important factors for the industry to expand the workforce.
  • Employers could be doing more to encourage community mentoring programs with a presence in K-12 schools (94%).
  • Areas likely to attract people to cybersecurity included efforts to promote the soulfulness of cybersecurity careers (43%), spurrig STEM students considering cybersecurity careers (41%), and more financial support for students in cybersecurity career paths (39%).

Diversity Drives Better Outcomes

Of the experts surveyed, 78% are male, 64% white and 89% straight, and 91% believe there needs to be wider efforts to grow the cybersecurity talent pool from diverse groups.

When it comes to encouraging more people to consider a career in cybersecurity, respondents reported inclusivity and equality for women (79%), diversity of the cybersecurity workforce (77%) and pay gaps between different demographic groups (72%) as extremely important factors for the industry to address. Additional findings include:

  • Most respondents (92%) believe greater mentorship, internships, and apprenticeships would support participation of workers from diverse backgrounds into cybersecurity.
  • 85% believe individuals are discouraged from entering the profession because they lack perspective into the field’s various potential roles and opportunities for upward mobility.
  • 94% believe their employers could do more to consider employees from non-traditional cybersecurity backgrounds and 45% report having previously worked in other careers.

Cybersecurity is Soulful Work

The survey found that 94% believe the role of those working in cybersecurity is greater now than ever before and 92% report cybersecurity as purposeful work that motivates them.

However, cybersecurity professionals are hungry for recognition, with 36% noting they feel a lack of acknowledgement for the good done for society. Of those looking to leave the field, 12% say it is due to lack of feeling appreciated. The survey discovered:

  • More than half (52%) report working within cybersecurity because it’s progressive, evolving and they enjoy exploring challenging new trends.
  • 41% report cybersecurity is continuously growing in relevancy and roles will always be accessible as a reason for staying in the profession.
  • Around 19% note they value doing something to help society for the greater good.

The talent gap survey follows the release of Trellix’s In the Crosshairs: Organisations and Nation-State Cyber Threats report which found organisations report limited cybersecurity talent as the greatest barrier to protecting themselves against nation-state cyber threats.

Trellix published Path to Cyber Readiness – Preparation, Perception and Partnership, which cited 49% of U.S. gov’t agencies felt their internal cyber security skills were inadequate.