Skip to content

Why Does The Cybersecurity Skills Gap Continue To Grow?

Why Does The Cybersecurity Skills Gap Continue To Grow?

A lot has been said and written about the need for improved cybersecurity. It seems that hackers and other cybercriminals are constantly in the news and are rarely caught. Considering the size of the problem, you would think that the cybersecurity industry would rise to meet the demand. Unfortunately, that hasn’t been the case. There is a continuing shortage of good cybersecurity personnel, and that has been the trend for at least ten years. Let’s take a look at this issue and discuss why the cybersecurity skill gap continues to grow.

Lack Of Training Seems To Be The Biggest Issue

As a starting point, we should take a look at this report from a reputable IT company. It examines the growth of the cybersecurity skills gap over the last ten years and explores its possible causes. This is why we said that this problem has been growing for at least ten years. Although there are obviously multiple factors at play here, the report concludes that the biggest one is a lack of formalized job training.

At this point, most cybersecurity experts are self-taught to one degree or another. Formal IT certification programs do exist but are often inadequate and expensive. As a result, the people who have those certifications tend to charge a lot more for their services. This motivates companies to look for gifted amateurs rather than looking for certified professionals.

At present, there is simply no standardized career plan for those seeking to become IT/cybersecurity professionals. Instead, they have to seek out their education wherever they can. It naturally follows to say that the skills gap could be eliminated if there were a little more formal education and training to be had in this field.

Rising Demand Is Also A Factor

On the one hand, there are not enough new cybersecurity professionals being trained. At the same time, the need for cybersecurity has increased exponentially. Virtually every company needs to have at least one of these employees. Larger companies that deal with sensitive data on a daily basis might need a small army of cybersecurity people. This creates a situation where a large number of companies are competing for the services of a relatively small workforce.

Of course, this does allow the best IT people to charge a lot more for their services, and this might have something to do with the lack of education and training. Many established people might be fearful of creating competition for themselves, thus ruining the advantageous situation that presently exists for them. However, these concerns are probably unwarranted, as the demand for good cybersecurity people is not going to decrease anytime soon.

How Big Is The Gap?

When we say there is a “skills gap,” we mean that there is a gap between the number of cybersecurity professionals that are needed and the number that currently exists. According to this report, that gap is approximately four million. That means four million jobs waiting to be filled, and only for lack of qualified people.

At present, the report says there are about 2.8 million cybersecurity professionals, which is nowhere near as many as it seems. When you consider the fact that this is a worldwide figure, as well as the fact that every company needs to employ at least one, that’s a major shortage. The current gap within the United States alone is said to be about 500,000 jobs. Further, the report found that very little has been done to address this problem, particularly within the U.S.

Lack Of Opportunity For Advancement

Some cybersecurity and IT professionals say that the problem is also a problem of incentive. There apparently isn’t a whole lot of room for advancement in these fields, and thus, these professionals tend to drift from job to job. The ESG report that we cited earlier is worth mentioning again in regard to this issue. Only 25% of those polled stayed with one company for the entire span of their careers.


Clearly, this problem is not going to be solved until the IT/cybersecurity industry gets together and works out a more organized method of training new people. There is also a need for more advancement opportunities, or else there will be a little incentive on the part of potential recruits. The high demand is not going to change anytime soon, so there is going to be a need for real leadership within the industry. If you have enjoyed this article and would like to know more about this subject, you can call PCH Technologies at (856) 754-7500.