An analysis of the cyber security labor market
In a world where organizations store their financial information online, individuals secure their data with weak, generic passwords, and the government experiences cyber attacks daily; Cyber security has become a prevalent issue around the globe, affecting thousands every day.
Since the late 20th century, technology has taken over the lives of millions. Cell phones, computers, and smart devices have since become parts of daily life. Take a second and think about the technology you use every day. Right now I am writing this on my laptop, in a little while I’ll make a call or two on my iPhone, even later I’ll listen to music over my bluetooth speaker, and at the end of the night I’ll sit down and watch TV. Now imagine I repeat this every single day, providing my phone and laptop with more data and information with every key stroke. While this data can prove itself to be very useful at times, as the famous saying goes, “With Knowledge Comes Power.”And sometimes this power falls into the wrong hands. As people become more trusting of the technology they use to store their information and automate their life, more and more hackers with malicious intent find ways to exploit this data. This has created high demand for a laborer we are experiencing a shortage of around the world: The cyber security laborer.
What does the Cyber Security Labor Market look like now?
Put simply… There is a big shortage.
Intel Security and the Center for Strategic and International Studies, performed a study in 2016 on the current state of cyber security. By interviewing IT Professionals around the world, they were able to focus on the current labor shortage and skills gap in the industry. Here is what they found:
As you can see above, 82% of IT Professionals interviewed reported that their organization had a shortage of cyber security skills. Not only that, but 25% of these professionals report that they have lost company data due to this skills gap. Some of these professionals come from organizations that you trust with your data every single day. That is why increasing the supply of workers in cyber is so detrimental. Because without them, we will be left defenseless when protecting our data and operations. That isn’t all though.
The above chart portrays a study performed in 2016 by Indeed.com, which compares the number of cyber security job postings on the site to the number of clicks that these job postings received. As you can see, in all of these countries there is a large deficit of the number of clicks compared to the number of postings. This represents the shortage of workers globally, and why it is so important that changes start occurring. Internationally, even countries that have been classified as developed for centuries are experiencing this shortage. Some of these countries include the United States, France, and the United Kingdom as displayed above.
These statistics all portray the shortage of workers and cyber security skillset that the cyber industry is experiencing. But some things you may be wondering are: why is there a shortage? And how can we close the gap between the number of workers and jobs? These questions will be analyzed and answered in the following sections.
Why is there a shortage?
In order to explain why there is a shortage of laborers, we’ll have to dive into some basic principles of economics, supply and demand. The following video quickly describes these two principles.
Before the late 20th century, there wasn’t much of a need for cyber security laborers. This is due to the fact that back then, nothing was even close to as interconnected as it is today. In fact, cyber security never became a true issue until the development of the internet in 1983 and the world wide web in 1990. In terms of economics, before 1983 and 1990 there was zero demandfor cyber security laborers, which means there was zero supply as well.
But as the internet and world wide web became something that households used daily, and as people became more interconnected with technology, demand for cyber security laborers increased. But the problem was there was still no supply of laborers because no human had been educated on how to protect a computer or person from being attacked online. Therefore there existed a deficit of workers. As time has gone on, there have been thousands of efforts to educate cyber security professionals on how to protect people online. But because of all of the constant changes in computer technology, the deficit of workers described earlier in this paragraph has never caught up to the exponentially increasing demand for cyber security labor.
Due to the rapid growth of technology and new advancements being made everyday, it is extremely difficult for cyber security to catch up. Some economists and cyber security professionals even believe that there will always be a shortage of cyber laborers, due to the rapid innovation of technology around the world.
How can we close the gap?
Since the early 21st century, many efforts have been made in order to balance the number of laborers and jobs available in the cyber security industry. Some of these include cyber security degree programs, outreach for high school and middle school students, scholarships and internships for college students studying cyber security, and many others. To some extent, all of these efforts and initiatives have proved to be effect in increasing the number of laborers going into the industry. But despite these efforts, there still exists a shortage, and to some disbelief, this shortage is only getting worse.
One way to close the gap, that many professionals have proposed and that is beginning to take hold in many school districts is a required cyber security fundamentals class. The idea behind this is that if students are required to take this course, they may find an interest in the job or find something that they enjoy about cyber security. Another goal of this approach is to give students an idea of some cyber security principles and ways to prevent attack. This is so that when a student becomes apart of the workforce, they are prepared if a cyber security related incident occurs. This course is currently being used at many high schools around the country but very few, if any, have made it a required course.
Another way to close the gap is that for every industry, there be a baseline cyber security standard that every employee has to learn in employee training or prior to. Basically this standard would cover some cyber security skillset that is sufficient for the industry the employee is working in. For example, in the hospitality industry an example standard would be that every employee has to have a basic knowledge of network security. Of course, the basic knowledge of network security would be because businesses in the hospitality industry generally offer a WiFi service to their customers, which could cause a major cyber security issue. Although this training and these standards may not solve the shortage of laborers, they will definitely add to the cyber security skill set of workers all across the globe, which solves a major problem in itself.
The cyber security industry is one that is just blossoming, and there are hundreds of possibilities within it. Within the field, you can go into cryptography, data security, network security, malware analysis, and so many other sub-fields that contribute to making the internet a safer place. Despite the fact that there is currently a shortage in the field, there are many promising solutions that aim to balance out the number of workers and number of jobs available. The labor situation in the cyber security industry could go in any direction as of now, and only the future can tell.
If you are interested in getting into the cyber security industry, go for it. Cyber security truly is one of the most important components of the technology we use today and the future of cyber security looks extremely promising.