Key Cybersecurity Skills Gap Statistics You Should Be Aware Of

As the sophistication and frequency of cyber threats continue to escalate, the demand for skilled cybersecurity professionals has never been bigger.

The skills gap is not merely a statistical discrepancy; it represents a substantial vulnerability in the defense mechanisms of businesses and institutions. From the shortage of experts in critical areas such as penetration testing and threat analysis to the broader issues of workforce diversity and continuous skill development, the problems contributing to this gap are diverse and complex.

In this article, you will find excerpts from the skills gap surveys we covered in 2023. These insights will give your organization valuable data to improve its cybersecurity hiring strategy.

The cloud skills gap is digital transformation’s Achilles’ heel

When looking to the future, the IT decision makers were confident that the cloud skills gap within their organization would improve in the coming years, with 87% saying they believe it will get better in the next five years.

Companies rethinking degree requirements for entry-level cybersecurity jobs

Cybersecurity professionals believe that hands-on experience in a cybersecurity role (97%), credentials held (88%), and completion of hands-on cybersecurity training courses (83%) are very or somewhat important when determining if a cybersecurity candidate is qualified.

Cybersecurity pros battle discontent amid skills shortage

71% of organizations report that the cybersecurity skills shortage has impacted them—a dramatic increase from 57% in the last study, leading to an increased workload for the cybersecurity team (61%), unfilled open job requisitions (49%), and high burnout among staff (43%), according to respondents.

Cybersecurity workforce shortages: 67% report people deficits

51% of organizations that have had cybersecurity layoffs have been impacted by one or more significant skills gaps compared to just 39% of organizations that have not had layoffs.

Soft skills continue to challenge the cybersecurity sector

When looking at soft skills, communication (58%), critical thinking (54%), problem-solving (49%), teamwork (45%), and attention to detail (36%) come in as the top five skills employers are seeking in cybersecurity job candidates.

Unrealistic expectations exacerbate the cybersecurity talent shortage

72% of consumers agree that limited exposure to the profession at a younger age, the belief that cybersecurity job candidates need a 4-year college degree to be considered, and the lack of cybersecurity education and training in schools are all to blame for the cybersecurity talent shortage.

Demand for STEM training skyrockets

STEM course enrollments from US learners grew to 4.6 million as of March 31, 2023, a 22% increase from the previous year, with 41% of enrollments from women. Enrollments in entry-level STEM Professional Certificates grew 47% to 740,000 enrollments in the same timeframe.

In uncertain times, organizations prioritize tech skills development

Though 65% of tech team leaders have been asked to cut costs, 72% still plan to increase their investment in tech skill development in 2023. And because upskilling existing talent is more cost-effective than hiring new employees, 97% of learning and development and HR directors say they are prioritizing internal talent over hiring for open positions.

Most mid-sized businesses lack cybersecurity experts, incident response plans

Beyond lacking necessary security solutions, mid-sized businesses also struggled to implement basic training measures and recruit the necessary staff. In fact, 61% of respondents say they do not have dedicated cybersecurity experts in their organization and only 9% say their workers adhere to security best practices.

Companies encounter months-long delays in filling critical security positions

70% of companies reported it takes longer to fill a cybersecurity role now than it did two years ago. When asked how long it takes to fill a cybersecurity role, 82% of organizations report it takes three months or longer, with 34% reporting it takes seven months or more.


Courtesy of Help Net Security