3.5 million security professionals, and growing!

2020 (ISC)2 Cybersecurity Workforce Study chronicles the resiliency, outlook and perseverance of this growing profession as it faced the unprecedented challenges of the COVID-19 pandemic.

(ISC)² – the world’s largest non-profit association of certified cybersecurity professionals – has released the findings of its 2020 Cybersecurity Workforce Study. 3,790 respondents, all of whom dedicate at least 25% of their time to cybersecurity tasks, were surveyed across 14 geographies in order to accurately assess the size of the current cybersecurity workforce and the challenges and opportunities they face.

For the first time, the study indicates a year-over-year reduction in the cybersecurity workforce gap, due in part to increased talent entry into the field and uncertain demand due to the economic impact of COVID-19. The research, conducted from mid-April through June 2020, also provides insights from cybersecurity professionals about their organisations’ COVID-19 pandemic response, and the massive effort required to quickly and securely transition their staffs to remote working environments.

The study reveals that the cybersecurity profession experienced substantial growth in its global ranks, increasing to 3.5 million individuals currently working in the field, an addition of 700,000 professionals or 25% more than last year’s workforce estimate. The research also indicates a corresponding decrease in the global workforce shortage, now down to 3.12 million from the 4.07 million shortage reported last year. Data suggests that employment in the field now needs to grow by approximately 41% in the U.S. and 89% worldwide in order to fill the talent gap, which remains a top concern of professionals.

In a historically unprecedented year, the study also focused on how security teams and professionals were impacted by COVID-19. The data shows that 30% of cybersecurity professionals faced a deadline of one day or less to transition their organisations’ staff to remote work and to secure their newly transformed IT environments. 92% of respondents indicated that their organisation was “somewhat” or “very” prepared to respond, and just 18% saw security incidents increase during this time.

“Overall we’re seeing some very positive trends from the cybersecurity workforce reflected in this new data,” said Clar Rosso, CEO of (ISC)2. “The response to COVID-19 by the community and their ability to help securely migrate entire organisational systems to remote work, almost overnight, has been an unprecedented success and a best-case scenario in a lot of ways. Cybersecurity professionals rose to the challenge and solidified their value to their organisations.”

Additional highlighted findings include:

  • Job satisfaction rates increased year-over-year, with 75% of respondents saying they are either “somewhat” or “very” satisfied
  • The average annual cybersecurity salary is highest in North America at $112,000
  • 56% of respondents say their organisations are at risk due to cybersecurity staff shortages
  • Cybersecurity practitioners are concerned that security budgets will be impacted by revenue losses related to COVID-19. 54% are concerned about personnel spending while 51% are concerned about technology spending.
  • 23% said that they or a peer had been laid off as a result of the pandemic
  • 78% of cybersecurity professionals who still need to work from an office say they are either “somewhat” or “very” concerned about their personal safety in relation to COVID-19
  • Cloud computing security is far and away the most in-demand skillset, with 40% of respondents indicating they plan to develop it over the next two years
  • Just 49% of those in the field hold degrees in computer and information sciences, highlighting the fact that many of the professionals responsible for cybersecurity come from other areas of expertise
Research shows ‘game needs to be changed,’ with security innovation years behind that of the attackers, the board a decade behind security discussions and regulation needing more industry input.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that the UK’s Mid-Market IT Leadership expects to see a shortfall in IT spend in 2022. While 52% of IT decision-makers believe their 2021 budget met the ambitions of their team, there seems to be less certainty and confidence about future finances — 61% think their budget will need to increase in 2022, but only 13% expect it to.
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and operational cloud services that is unique on the market, enabling clients across the world to meet the challenges of managing their data in the edge to cloud continuum, in line with the highest jurisdictional data governance requirements. Part of the Atos' OneCloud initiative, Atos OneCloud Sovereign Shield is a comprehensive edge to cloud platform ecosystem and highly secure service that improves the level of control clients have over the data they produce and exchange, helping them regain control and effectively deal with legal dependencies.
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets across Europe with further expansion into APAC planned.
Research from Avast has found that employees in almost a third (31%) of Small and Medium Businesses (SMBs) in the UK are connecting to the corporate network using personal devices that do not have any security controls in place, according to IT Decision Makers (ITDMs) within SMBs.
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53% offer backup services.
Trend Micro has published new research revealing that 90% of IT decision makers claim their business would be willing to compromise on cybersecurity in favor of digital transformation, productivity, or other goals. Additionally, 82% have felt pressured to downplay the severity of cyber risks to their board.
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real terms’ during 2022 – leading to increased cyber vulnerability.