What does it take to attract top cybersecurity talent?

Cybersecurity professionals are in high demand, but in low supply, the 2019 (ISC)² Cybersecurity Workforce Study finds. In fact, the supply is so low that it needs to grow by an estimated 145 percent to fill the estimated 4.07 million gap. The United States alone needs growth of 62% to meet the needs of its businesses.

Most participants of the study work in the IT services industry, followed by financial services and government. These professionals come from diverse backgrounds since cybersecurity is a young specialization, but most are likely to have a bachelor’s degree. A majority have degrees in computer science but one in five has an engineering background while a small number has a business degree. There are many paths to get into cybersecurity and not all of them require a university specialization, some are self-taught.

As cybersecurity professionals tend to be male, this leaves a rather large talent pool that organizations could use to bolster their ranks. This can be underlined by the fact that one-third of the respondents of the survey were women.

Most cybersecurity professionals tend to be experienced and remain a steady part of their organizations. On average they spend six years with their employer and hold four security organization certifications. The salaries tend to be competitive with a global average of US$69,000 with certification playing a role in how high your salary is. The highest salary offered is in the United States – US$93,000 if you have certifications; otherwise it can drop to US$76,500. Salaries offered in the Asia Pacific region are also highly dependent on certification if you don’t have any your expected salary can drop by 41%.

Eight out of ten respondents are where they expected to be in their careers based on their expertise while more than half responded that they are very close. They also achieved success in their fields, becoming the go-to source of knowledge for their colleagues and even taking the lead in major security projects.

On the flip side, there are hurdles they have to overcome in their careers. The most frequent obstacle they face is the price of cybersecurity certification. More than half of respondents have to pay some part of it from their own pocket. With that in mind, organizations that pick up the tab for their employees can keep them satisfied. In fact, almost three-quarters of respondents in organizations that do so say they are either very or somewhat satisfied in their jobs.

This may not be a comprehensive blueprint for organizations on how to hire and retain cybersecurity talent, but it should provide them with a good insight into the market. Organizations all over the world have been victims of cyberattacks, so investing in experienced cybersecurity professionals should be a top-tier priority. Especially since hackers don’t discriminate and attack private companies and municipalities alike.