The ISACA study reveals current workforce challenges and trends in the cybersecurity field.
The latest study from ISACA reveals the struggle for organizations to hire and retain their cybersecurity teams has been constant since the past years. The ISACA’s 2020 State of Cybersecurity report showed that 57% of enterprises say they have unfilled cybersecurity positions on their team at present.
As per the study, organizations are short-staffed and are striving to identify enough qualified talent for open positions. Moreover, 72% of the companies also believe their HR teams do not adequately understand their hiring needs. Offering details about diversity while hiring cybersecurity professionals, the report stated that there is still a significant gender gap as there are more men than women in most teams. However, there has also been slight progress in the effort to increase the number of women in cybersecurity roles, found the study. A better understanding of the nature of the skills gaps and issues with hiring and retention can help the industry more effectively drive innovative strategies and tactics to address and overcome these long-standing challenges.
Some of the key findings of the ISACA 2020 State of Cybersecurity Study are as follows:
- Around 62% of respondents stated their cyber security team is understaffed, while 57% say they currently have unfilled cybersecurity positions.
- Nearly 60% of organizations anticipate a 3% rise in cybersecurity budgets than in 2019.
- Seventy percent of companies believe that less than 50% of their cybersecurity applicants are well qualified.
Cybersecurity teams continue to struggle with identifying resources with the right skillsets. According to the study having a degree does not necessarily indicate that a candidate is ready for the job. Only 27% of respondents say that recent graduates in cybersecurity are well-prepared. Nearly all (95%) respondents believe hands-on experience is the top qualification necessary while hiring candidates. Meanwhile, 81% said hands-on training is crucial for including professionals in their team.
The report found that 66% of respondents believe it is challenging to retain cybersecurity talent, and 59% cite the main reasons for staff leaving as recruitment by other companies. Half of them said limited promotion and development opportunities is another reason it is not easy to retain the team, while 50% of them cited poor financial incentives as one of the many reasons.
When it comes to improving diversity and retaining women in cybersecurity teams, enterprises are making hard efforts, with 49% of companies indicating they have been establishing diversity programs, which is up 5% from 2019.
The report found that 64% indicate some progress towards increasing the number of women in cybersecurity roles. However, only 13% say that growth in this segment is significant. The study concludes, stating that 86% of cybersecurity teams still have significantly more men than women or consist of all men. The number of teams reporting an equal number of men and women increased by 3% in 2020.