Cyber-security workforce needs to nearly double for global security

SecurityPublished 18th September 2024

The current cyber-security workforce needs to almost double to fully secure global systems, according to a new report.

ISC2’s 2024 Cybersecurity Workforce Study found that there are around 5.5 million people currently employed in cyber-security roles.

Cyber-security workforce needs to nearly double for global security

It estimates that a further 4.8 million are needed to meet global demand and ensure that businesses worldwide are fully secure.

As technology becomes increasingly prevalent in all walks of life and cyber-threats also grow, the demand for skilled cyber-security workers is becoming ever greater.

According to ISC2, the gap in the cyber-security workforce gap has increased by nearly a fifth (19%) in the last year alone, which could lead to growing vulnerabilities in many organisations.

Andy Woolnough, executive vice-president of Corporate Affairs at ISC2, said that two years of “declining investment in hiring and professional development opportunities” had left many organisations facing “significant” skill shortages, increasing their overall risk.

While the overall number of people working in cyber-security had remained stable across the year, the increasing demand was contributing to the widening skill gap.

UK saw a decrease in cyber-security workers coupled with increase in demand

Some countries, including the UK, had also seen an actual decrease in the number of workers in the sector.

According to the report, the UK saw a fall from 367,300 workers in 2023 to 349,360 in 2024 - a decrease of 4.9%.

A lack of people in cyber-security roles was not the only issue, with many employers reporting there was also a lack of skills within the workforce.

On a global level, a large majority (90%) of survey respondents said that there was a cyber-security skills gap in their companies.

Just over a third (35%) said there was a shortage of both workers and skills, while more than 60% said that a lack of skills in their teams was worse than not having enough cyber-security workers.

The areas with the most prominent lack of skills within existing cyber-security teams were artificial intelligence (AI) and machine learning, cited by more than a third (34%) of respondents.

Other important skills lacking from cyber teams included cloud computing security, zero-trust implementation, digital forensics and incident response, and applications security.

Woolnough said that, at a time when emerging technologies like AI were changing the cyber-threat landscape, “investment in skills development and the next generation of the cyber workforce is more crucial than ever”.

Today’s news was brought to you by TD SYNNEX – the UK’s number one solutions distributor.

Source: https://www.computerweekly.com/news/366610264/Cybe...