BY Lake SydneyOctober 20, 2022, 1:01 p.m.
Participants take part in a computer security competition called the “Breizh CTF” event in Rennes, western France, as seen in April 2022. (Photo by Damien MEYER—AFP/Getty Images)
The cybersecurity workforce has reached an all-time high, with about 4.7 million professionals, but there is still a global shortage of 3.4 million workers in this field, according to the 2022 (ISC)2 The Cybersecurity Workforce Study was released on Thursday. And that shortage persists, despite adding 464,000 more cybersecurity positions this year, according to the report. In the United States alone, there are more than 700,000 unfilled cybersecurity jobs, according to data from Cybersecurity Ventures.
As the need for cybersecurity talent grows, salaries and other benefits should follow. Currently, the median salary for cybersecurity professionals in the United States is $135,000, according to (ISC)2. The study also shows that 27% of cybersecurity professionals enter the industry for the potential for high salaries and solid compensation packages.
“Cybersecurity salaries appear to be determined by several factors, including years of experience, industry employed, certifications earned, and even geographic location such as large concentrations of professionals in areas where the cost of living is high as Washington DC Talent scarcity is most likely also a driver,” Clar Rosso, CEO of (ISC)2recount Fortune. “The good news for new people entering the field is that salaries remain high.”
In addition to the growing talent shortage, another dynamic is at play in cybersecurity: the number of cybersecurity attacks businesses face each year is on the rise. Between 2020 and 2021, the average number of cybersecurity attacks per year increased by 31%, to 270 attacks, according to Accenture’s State of Cybersecurity 2021 report. Businesses, on average, suffered 29 attacks last year. Cyberattacks have also been more prevalent recently in a year of “geopolitical and macroeconomic turmoil,” according to the ISC.2 study. One of the major events was the Russian cyberattacks against the Ukrainian government at the start of the war.
“The modern cybersecurity landscape has galvanized passion and perseverance within its workforce, which continues to change and evolve with the world around it,” reads the (ISC)2 study. “The global cybersecurity workforce is growing, but the lack of professionals needed to carry out its essential mission is also growing.”
Salaries and other benefits related to cybersecurity
Cybersecurity workers know they are in high demand. Nearly 70% of these workers feel their organization does not have enough cybersecurity staff to be effective, the (ISC)2 a study shows this, and more than half of the employees of organizations with labor shortages consider that their company is exposed to a moderate or extreme risk of a cyberattack.
Attracting and retaining top cybersecurity talent requires collaboration across departments, says Rosso. Frequent communication between cybersecurity managers and human resources can help determine what works and what doesn’t when recruiting cybersecurity workers.
“Collaboration between HR hiring and cybersecurity leaders is key to attracting and retaining talent,” says Rosso. “HR professionals should have regular check-ins with cybersecurity hiring managers to discuss and co-develop job descriptions to ensure they are realistic, achievable and can attract the right talent rather than being a barrier.”
Part of attracting and retaining the best in cybersecurity is finding the right amount to pay people. Reports from industry leaders show that cybersecurity salaries continue to rise year over year. Between 2020 and 2021, some cybersecurity salaries jumped more than 16%, well above the six-figure mark, according to a 2021 report from Dice, a tech recruiting platform.
Another key benefit for cybersecurity workers is access to ongoing training and certifications. In fact, more than 60% of cybersecurity workers seek new certifications to develop their skills and stay current with security trends, the (ISC)2 study shows.
“Professionals say loud and clear that company culture, experience, investment in training and education, and mentorship are paramount to keeping your team motivated, engaged, and effective,” says Rosso. “Team members of different ages and experience levels need different levels of support from their organizations. Here, success means investing in education, professional development, mentorship, flexible work arrangements and career pathing. »
A good place to start for organizations looking to jump-start their cybersecurity training efforts is to encourage employees to pursue new certifications and training, adds Rosso.
“In addition to helping encourage employees to invest in educational resources, organizations should recognize these accomplishments, as it helps to keep people engaged over the long term,” he adds.
Find out how the schools you’re considering fared in Fortune’s rankings of the best master’s programs in data science (in-person and online), nursing, computer science, cybersecurity, psychology, public health, and analytics business, as well as Doctor of Education programs and MBA programs (part-time, executive, full-time, and online).