CLEARWATER, Fla., — (ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals – today announced the findings of the 2018 (ISC)2 Cybersecurity Workforce Study. The research shows a widening of the global cybersecurity workforce gap to nearly three million across North America, Latin America, Asia-Pacific (APAC), and Europe, the Middle East and Africa (EMEA).
The 2018 (ISC)² Cybersecurity Workforce Study (formerly the Global Information Security Workforce Study) is based on feedback from a broader, more representative sample of the men and women responsible for securing their organizations around the world. This includes many IT/ICT staff within organizations ranging from large enterprises to small businesses who may or may not have formal cybersecurity roles but do have hands-on responsibility for securing critical assets every day – spending at least 25% of their time on such activities. Their views and opinions create a more realistic representation of the cybersecurity challenges and opportunities the industry faces around the globe.
“This research is essential to fostering a clearer understanding of who makes up the larger pool of cybersecurity workers and enables us to better tailor our professional development programs for the men and women securing organizations day in and day out,” said (ISC)2 CEO David Shearer, CISSP. “We will share these powerful insights with our partners in government and the private sector to help establish the programs necessary to advance the cybersecurity profession. By broadening our view of the workforce to include those with collateral cybersecurity duties within IT and ICT teams, we discovered that professionals are still facing familiar challenges, but also found striking differences compared to previous research, including a younger workforce and greater representation of women.”
Key insights revealed in the study include:
For more data points and additional context on the cybersecurity workforce gap. download the full study at www.isc2.org/research.
A New Cybersecurity Workforce Gap Analysis
In addition to a broader view of the cybersecurity workforce, the 2018 (ISC)² Cybersecurity Workforce Study introduces a new gap analysis methodology. Unlike legacy gap calculation models that simply subtract supply from demand, this calculation takes other critical factors into consideration, including the percentage of organizations with open positions and the estimated growth of companies of different sizes. The calculation of demand includes the openings that are currently available, along with an estimation of future staffing needs. The calculation of supply includes estimates for academic and non-academic entrants into the field, along with estimates of existing professionals who are moving into cybersecurity specialties. This more holistic approach to measuring the gap produces a more realistic representation of the security challenges—and opportunities—that both companies and cybersecurity pros are facing worldwide.
About the (ISC)2 Cybersecurity Workforce Study
(ISC)2 conducts in-depth research into the challenges and opportunities facing the cybersecurity profession. The (ISC)2Cybersecurity Workforce Study (formerly the Global Information Security Workforce Study) is conducted regularly to assess the cybersecurity workforce gap, better understand the barriers facing the cybersecurity profession, and uncover solutions that position these talented individuals to excel in their profession, better secure their organizations’ critical assets and achieve their career goals.
Methodology
(ISC)² commissioned Spiceworks to conduct a survey in August 2018. This survey targeted cybersecurity professionals worldwide to measure the gap in the cybersecurity workforce in companies of all sizes and to understand current perceptions and practices around cybersecurity. Survey results included responses from approximately 1,452 participants throughout North America, Latin America, Asia-Pacific and Europe.
About (ISC)²
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, over 138,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. For more information on (ISC)², visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn.
© 2018, (ISC)² Inc., (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CCFP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered marks, of (ISC)², Inc.