Most organizations also coped well with the switch to remote working

Cybersecurity skills gap narrows for the first time

The cybersecurity workforce has grown to 3.5 million professionals globally, resulting in the first annual decrease in unfilled infosec roles in memory.

Industry training and certification body ISC(2)’s 2020 Cybersecurity Workforce Study, published today (November 11), attributes the reduced skills gap to a greater influx of talent into the field, combined with uncertain demand due to the economic impact of Covid-19.

An estimated 700,000 new professionals joined the sector in the 12 months up to June 2020, swelling its ranks to 3.5 million. The rise was accompanied by a decrease in the global workforce shortage, down to 3.12 million from the 4.07 million shortage reported last year.

Employment in the field now needs to grow by approximately 41% in the US and 89% worldwide in order to fill the remaining talent gap, which is still considerable.

Lockdown triggers migration to remote working

Cybersecurity professionals worldwide have faced immense pressure to quickly and securely transition their staffs to remote working environments.

Data from the ISC(2) study shows that 30% of infosec pros faced a deadline of one day or less to migrate staff to home working and to secure their newly transformed IT environments.

Most organizations coped well under this unprecedented strain. A huge majority (92%) of respondents indicated that their organization was ‘somewhat’ or ‘very’ prepared to respond, and just 18% saw security incidents increase during this time.

Even so, most (56%) of respondents say their organizations are at greater risk due to cybersecurity staff shortages.

Dr Kiri Addison, head of data science, threat intelligence at cybersecurity vendor Mimecast, commented: “Whilst the reported increase in the number of professionals joining the workforce in 2020 is a positive result, the plans to downsize security teams are concerning.

Addison added: "2020 has seen many successful cyberattacks and our Threat Researchers found that COVID-19 has opened new opportunities for threat actors in the first months of 2020, with a 35% rise in email-based malware threats from January to April.”

Clar Rosso, CEO of (ISC)2, told The Daily Swig: “The COVID-19 findings serve as a positive reminder of the importance of preparedness in the face of unprecedented challenges.

While cybersecurity teams remain under considerable pressure from heightened and targeted cybersecurity activity, the global shortage of skilled professionals and the elevated risk levels that the shortage creates, they were still able to execute using best practices and viable business continuity plans and processes.

Rosso concluded: "While the larger cybersecurity threat from the skills shortage remains intact, a majority of executives were aware of the importance of security during the remote transition. That, coupled with the ability of security teams to leverage robust or improved communications and collaboration platforms helped them to deliver a successful remote working shift, in less than a day in many cases.”

Cybersecurity practitioners are concerned that security budgets will be adversely impacted by revenue losses related to the coronavirus pandemic. More than half (54%) are concerned about personnel spending while 51% are worried about technology expenditure.


Read more of the latest cybersecurity education news


The average annual cybersecurity salary is highest in North America at $112,000 Salaries average at $81,000 in the UK). Job satisfaction rates increased year-over-year, with 75% of respondents saying they are either ‘somewhat’ or ‘very’ satisfied with their role.

Cloud computing security is far and away the most in-demand skillset, with 40% of respondents indicating that they plan to develop skills in the area over the next two years.

Just 49% of those in the infosec field hold degrees in computer and information sciences, highlighting the educationally diverse background of those who pursue a career in cybersecurity.

The study is based on replies from 3,790 respondents based in 14 geographies, drawn from all levels of seniority at companies of diverse size.

More than twice as many men than women participated in the survey, a reflection of the gender imbalance in the wider industry.


This study was updated to add comment from Clar Rosso, CEO of (ISC)2


YOU MIGHT ALSO LIKE EU cybersecurity funding initiative aims to boost threat intel, certification sectors