Each first Thursday of the month is a new installment in Stronger’s Jobs in Cybersecurity Series. The first article in the series looked at employment from the employer’s perspective, last month was for the professionals. This month, Stronger looks at the hunt for unicorns and how it is impacting the skills gap.
Everyone has heard of the growing skills gap impacting cybersecurity. More jobs are available than there are individuals to fill them. And this gap is projected to grow exponentially in the next few years. If you are one of the highly qualified professionals looking for work, the world is your oyster. If you are an employer looking to fill needed positions, the challenge is only going to get worse — especially if you are looking for someone who can fill multiple advanced level roles in this sector.
Give Up The Hunt for Unicorns Or Expand The Skills Gap
48% of companies admit that “there is a talent shortage and a growing demand for more professionals,” but too many are still looking for a unicorn. “Organizations at times are trying to hire a unicorn – i.e. they need three people but can only hire one so they write the job specs with a huge list of disparate skill sets that most security professionals don’t have,” says Gary Hayslip, deputy director, CISO for the City of San Diego, California.
Each year, cybercrime costs industries increasingly more. In 2015, they cost $3 trillion. The estimate for 2021 is a worldwide cost of $6 trillion — which means the cost will have doubled in only 6 years. The 2017 Global Information Security Workforce Study reported that “two-thirds of its nearly 20,000 respondents indicated that their organizations lack the number of cybersecurity professionals needed for today’s threat climate.”
Can Artificial Intelligence Save Us?
To compensate, some companies are turning to artificial intelligence and machine learning to fill the pending global gap of 3 million cybersecurity positions. However, AI and ML can only partly compensate for the lack of skilled workers. And although IBM CEO Ginny Rometty expects “AI to change 100% of jobs within the next ten years,” AI is also facing its own frustrating skills gap that may slow growth and leave companies still struggling to fill jobs.
With the current pipeline of candidates, competing job openings, and developing growth across multiple areas in technology, waiting for a unicorn is not an option. It’s time to scrap old ideas about what an ideal candidate is and embrace a way to bridge the problem through training, upskilling, and diversifying the potential talent pool.
Less Traditional Paths Lead to Success
Candidates no longer need a bachelor’s degree in computer science or computer engineering with cybersecurity certifications. Currently, many computer engineering degrees don’t even require cybersecurity courses and “almost not cybersecurity pro over 30 today has a degree in cybersecurity.”
Training and familiarity with the tools and technology used are helpful, but that doesn’t have to come from a degree. And even more important than those things are an understanding of the current threat landscape, curiosity, and a passion research and continual learning.
Save Money & Be More Secure
Finding a unicorn is time consuming and costly, especially with the growing probability and price tag of breaches. Companies don’t have to wait. Rometty suggests, “companies have to focus on three things: retraining, hiring workers that don’t necessarily have a four-year college degree and rethinking how their pool of recruits may fit new job roles.”
Failing to find, create, and maintain sufficient cybersecurity employees to protect organizations and our country is not an option in the present climate. There are other courses of actions that can be pursued which will help solve the skills gap as well as create a positive work environment. By focusing on the development, training, and upskilling of less traditional candidates and current employees, organizations may find that the quest for unicorns was obscuring true growth and long term success.