IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

As the Cybersecurity Workforce Grows, So Does Need

A new report finds America’s cybersecurity workforce grew 11 percent year over year. At the same time, the gap between available workers and organization needs also grew 17.6 percent in the same period.

Silhouettes of people of different genders standing in a row against a white background. Their silhouettes are filled with blue and black lines like a circuit board.
The cybersecurity workforce is growing — but it’s growing slower than organizations’ need for cyber workers. This is particularly pronounced in the U.S., according to a cross-sector, international report from cybersecurity membership organization ISC2.

America’s cybersecurityworkforce grew 11 percent year over year in 2023, adding roughly 1.3 million cyber professionals. At the same time, America’s cyber workforce gap grew 17.6 percent year over year — or by about 480,000 positions. ISC2 emphasizes that the cyber workforce gap represents the difference between available cyber hires and the number of professionals that organizations would need to properly secure themselves. It does not, however, reflect how many organizations are actually ready and budgeted for hiring.

America’s cyber labor supply and need both outpaced international averages. Globally, the cyber workforce increased just shy of 9 percent year over year, while the global gap grew 12.6 percent in that period.

Looking at the global picture, cyber staffing shortages are also particularly likely to afflict governments, with 78 percent of respondents from this sector reporting shortages, compared to 67 percent of respondents overall.

And all this comes at a time when the risks are high. According to 78 percent of government respondents — and 75 percent of all respondents — today’s cyber threat landscape is the most challenging seen since 2018.

Organizations are most keenly feeling skill gaps in three key areas, according to ISC2’s 14,865 international survey respondents: cloud computing security, AI and machine learning, and zero-trust implementation. ISC2 suggested organizations invest in trainings, especially to help compensate for cyber staff shortages.

As today’s cyber workforce grows, its demographics are also shifting. Diversity — something that the majority of cybersecurity professional respondents said is important — is improving in some countries, especially regarding race and ethnicity.

White men have traditionally dominated the cyber field in the U.S., Canada, Ireland and the U.K., especially in older age brackets. They make up more than half of workers ages 39 and up, and 70 percent of cybersecurity professionals ages 60 and up. A more diverse pool of candidates is entering the profession, however, and 66 percent of the people who entered cyber careers in these countries during the last 12 months were not white.

Improved diversity is especially evident among younger cyber professionals. Among those under 30 years old, 63 percent were not white.

Gender diversity still lags behind but is improving. Women made up about 24 percent of cyber professionals younger than 30, compared to 15 percent of those aged 60 and up. Women also comprised a slightly higher share of the cyber workforce in organizations that used skills-based hiring, ISC2 found. In the overall survey of 15,000 respondents, nearly 1 percent selected a gender option other than male or female, and 6 percent chose not to self-describe.
Jule Pattison-Gordon is a senior staff writer for Governing and former senior staff writer for Government Technology, where she'd specialized in cybersecurity. Jule also previously wrote for PYMNTS and The Bay State Banner and holds a B.A. in creative writing from Carnegie Mellon. She’s based outside Boston.