You cannot go a week without hearing about a new cyber attack. It seems that every day, big corporations leave information vulnerable to hackers, who swoop in and steal our personal data. Cybersecurity is critical as attacks become more frequent and costly. However, is the cybersecurity skills market prepared to answer
Governments around the world are taking steps to prevent data breaches. Indeed, they are legislating new fines and punishments for companies that don’t secure their data. Cybersecurity professionals are in high demand — but many positions remain unfilled. Current professionals are beginning to strain under pressure.
What is the source of this pressure, and how are employers responding?
More Cybersecurity Openings Than Professionals
There is a major shortage in the cybersecurity skills market. There could be as many as 314,000 unfilled openings, though estimates vary. This year, the deficit grew worse for the third year in a row.
Other aspects of the cybersecurity skills market look odd to those familiar with the usual tech job market demographics. For example, while young workers make up the bulk of staff at most tech startups, younger workers are extraordinarily underrepresented in cybersecurity. In fact, in 2017, 7% of cybersecurity workers were under 29. However, the average age is 42 years old. Cybersecurity firms expect large numbers of professionals to retire or leave the field each year.
Industry professionals disagree over the exact reasons for the age skew in the cybersecurity skills market. Some say degree requirements filter out talented but under-credentialed candidates. In contrast, others say a laser focus on STEM programs has caused recruiters to miss qualified candidates graduating in alternative areas. For graduates with non-traditional backgrounds, the path to a career in cybersecurity can be hard to navigate — or outright impossible.
It’s a hard question to answer. Other tech fields find young workers easily, even with similar credential requirements and recruiting strategies.
Whatever the reason, the cybersecurity skill gap will likely stick around — or get worse — in the years to come. The diminishing new workers entering the field, combined with high levels of stress and burnout, lead to a bleak-looking future. Indeed, the grim prediction of 1.8 million unfilled positions by 2022 is entirely possible.
Due to a lack in cybersecurity skills, degrees in IT, computer science, and cybersecurity are very valuable. Graduating today with the intent to work in cybersecurity can secure a student a position, though there are no guarantees.
The Skills Gap and AI Cybersecurity
This shortage of skilled workers — and heavy workloads placed upon employees — lead employers and cybersecurity firms towards automation.
Artificial intelligence — thanks to the technology’s great ability to make predictions and detect subtle patterns in massive data sets — is disrupting most fields in tech. Cybersecurity is no exception. Last year, expert Martin Giles was caught off guard by the high number of vendors at Black Hat, an annual conference of professionals who advertise AI-based cybersecurity software.
Still, experts are cautious of the widespread adoption of AI-based technology for a few reasons. First, AI is good at finding and identifying abnormal states. However, normal is hard to define in a security context — what does a threat look like when disguised?
AI is also vulnerable to adversarial attacks. Hackers use knowledge of an AI’s algorithm to create inputs that trick the AI into categorizing it as something it’s not. For example, in lab experiments, experts can digitally manipulate a picture of a panda and confuse AI into classifying it as a gibbon. In the field, a cyber attack might include a few lines of text at the end of a virus. This text tricks AI into interpreting it as safe.
That’s just one example, and cybersecurity is much more than anti-virus software. Firms are more interested in using AI to assist, rather than replace, cybersecurity workers that give algorithms human oversight.
Still, artificial intelligence will not close the skills gap. But it may help current cybersecurity workers breathe a little easier.
The Future Outlook of the Cybersecurity Skills Market
Times are tough for cybersecurity professionals and their employers. After all, there’s a significant gap in the cybersecurity skills market. Additionally, recruiters are struggling to find young professionals — or professionals of any age — who want to work in the field. Cyber-crime is on track to get worse, increasing the demand for talented experts. As the talent pool runs dry, employers will look to other solutions, like AI automation, to keep their security functional.
Indeed, for those interested in working in the cybersecurity, now is the time to join the field. Starting salaries are high, and hiring requirements for entry-level positions may soon become more relaxed. A computer science degree has always been valuable, but the cybersecurity skill gap may make it a better prospect for newly-graduated students.
The current cybersecurity skills market isn’t suitable for businesses, and it’s not likely to change soon. However, the current outlook could present an opportunity for eager young professionals.