For the first time on record, the cybersecurity workforce gap has shrunk, the 2020 (ISC)2 Cybersecurity Workforce Study has found. While companies have been facing a plethora of new security challenges due to the COVID-19-powered shift to remote work, the shortfall of IT security practitioners has decreased from 4.07 million to 3.12 million on an annual basis. Here are some other key takeaways:

  • As the talent shortfall eased, the number of security practitioners rose – by 700,000 professionals year-on-year to 3.5 million. The supply of workers increased especially thanks to industry migration and companies investing in their own talent. Nevertheless, the workforce gap is still there and, in order to fill it, employment levels would need to grow by approximately 41% in the US and 89% worldwide.
  • The COVID-19 powered shift was quick but managed well. 30% of professionals reported that their company made the transition to online work within a single day. Meanwhile, almost half reported they were afforded several days and up to a week to make the shift and to secure newly transformed IT environments. Although the transition was rapid, 9 in 10 infosec experts felt that their organizations were somewhat or very prepared for the shift.
  • Job satisfaction among cybersecurity professionals is higher than ever. While there is a popular notion that the job carried out by cybersecurity professionals is stressful and often underappreciated, the study found otherwise – the overall satisfaction of workers worldwide with their job is at 76%. Almost half responded that they were somewhat satisfied while a third said that they were very satisfied with their positions and the work they do.
  • Certification still matters, with 63% of professionals pursuing or planning to pursue a certificate within the next year. Certificates are considered key to professional and career growth both by professionals and their employers. Almost 8 in 10 professionals worldwide said that they are required to hold some kind of certification. The value of certifications to employers can be highlighted by the fact that five in ten respondents said that courses and exams are paid for completely by their organizations. Certification also has an impact on wages, with employees with certification earning an average of US$85,000 while those that don’t hold any earn much less with an average of US$67,000.
  • Salaries are competitive but vary according to the employee’s title and seniority. For employees that are just starting on their cybersecurity career paths such as millennials, the average salary can be around US$67,000; however, for those with greater experience in the field like the baby boomer generation the reported average salary is US$112,000. The salary is also influenced by whether the role the employee holds is security-focused or a general IT role, with the former being rewarded with a higher average salary of US$91,000 while the latter has an average salary of US$79,000.

A bonus takeaway? The cybersecurity sector remains an attractive industry to join. Why not consider whether it might also be a good fit for you or look at some of the career paths you can choose from?