Back to List

1 November 2022

What is the Cybersecurity Talent Shortage?

Written by Roy Zur – CEO of ThriveDX Entreprise

With millions of cyber-attacks occurring daily and trillions of dollars in accumulated damage, the current cybersecurity workforce can no longer meet the growing demand of open cybersecurity positions. This explains why the cybersecurity sector saw 4 million job openings in 2022, according to Cybersecurity Ventures

Many organizations have a talent shortage but when organizations face a cybersecurity talent shortage, the days those positions go unfilled lead to much dire consequences, triggering industries and top Human Capital Experts to act more rapidly to fill these roles. When there’s $10 trillion estimated in costs of cybercrime by 2025 (Cybersecurity Ventures), its paramount organizations act more quickly to address these unfilled positions.

How does this relate to Prytek and ThriveDX?

Prytek and ThriveDX have been working together since 2018 to expand their mission to close the cybersecurity talent gap and to further grow ThriveDX’s vision of becoming the #1 global leader in cybersecurity education and training. Together, ThriveDX and Prytek reach customers globally for security awareness training, application security training and other solutions to upskill and reskill lifelong learners.

Why is there such a talent shortage in cybersecurity?

Need for skilled professionals

According to Fortinet, 81% of organizations are looking for people with the relevant qualification when hiring. This is perfectly understandable, who doesn’t want to hire pre-qualified talent? What’s more, the industry is changing so often that traditional education isn’t able to keep up with curriculum adjustments and technological advances. That’s why one of the solutions that Prytek champions with ThriveDX is an accelerated cybersecurity professional bootcamp. This is a 3-6 month program delivered in partnership with universities as an alternative to a 4-year degree. The bootcamp focuses on the practical skills and realistic scenarios that a cyber professional would need to be familiar with for the job.

Developers and technology can’t keep up

Humans are the problem – but they will also be the solution. Every app requires a security component, and there are currently more apps than security-trained developers to protect them. Add to this the fact that humans are still the #1 target of threat actors. According to the World Economic Forum, 95% of successful attacks require employee interaction. This fertile threat landscape demands security awareness training and application security training for business survival in the face of constantly changing threats. 

Lack of reskilling / upskilling

Cybersecurity has moved from being on the back burner to top of mind. 88% of organizations with a board of directors report that board members now inquire specifically about cybersecurity. Not surprisingly, competition for talent is fierce. Instead of just throwing money at new people, organizations should consider upskilling some workers and reskilling other workers for careers in cybersecurity. There are a few different methods for organizations to upskill and reskill workers.

Upskilling methods usually include all employees that need security awareness training enterprise-wide or IT and cybersecurity employees that need to be upskilled on their current respected roles to reflect new and current cyber threats. Reskilling means organizations may have identified talent (employees) that they want to retain and reskill to align with open cybersecurity positions. This also can include hiring new employees and then reskilling them to fit the open cybersecurity positions. However, in some cases, retention might beat hiring, depending on the organization’s goals. In fact, according to Gallup, it can cost a company up to 1.5 times an employee’s salary when that employee quits or when they have to rehire someone else. Therefore, it’s sometimes more cost-efficient to reskill current employees.

College / Higher Ed not turning out “job-ready” graduates

According to a recent survey by Statista, only 27% of cybersecurity graduates are prepared for real-life work challenges in 2022. For students less concerned with theory and more interested in hands-on, real-world attack scenarios, programs like ThriveDX’s Cybersecurity Professional Bootcamp offer a viable alternative: cybersecurity certifications that employers are looking for and a direct job pipeline to household name employers.

Lack of diversity

Women account for 47.7% of the global workforce – yet women held just 25% of cybersecurity jobs in 2021. This is just one example of cybersecurity holding back its own potential; the best business decisions tend to come from the most diverse workforces.

Solving the cybersecurity talent and skills gap

How do professional sports teams overcome talent shortages? They sign free agents or ramp up development squads. How do organizations overcome similar shortages? They hire new employees and develop the talent they have. 

For example, with only 9.2 million people, Israel is considered one of the world’s top cybersecurity powerhouses. Due to the advancements in cybersecurity in Israel, many solutions to combat hackers come out of the country. For myself, I spent 15 years training new recruits in the Israel Defense Forces to become cyber experts in a matter of months. This is something I have now channeled into my career as the CEO of ThriveDX Enterprise.

Given Prytek has similar goals around cyber education and training, we’re working on expanding these efforts to all corners of the world and opening opportunities in technology for diverse and underserved communities.

For more information on ThriveDX’s enterprise security training programs, please visit us at ThriveDX for Enterprise. To learn more about how Prytek is building technologies and delivering managed services in Cybersecurity and other sectors, visit us here.