Overcoming the Cybersecurity Talent Shortage

Ken Hurley

October 19, 2022

Personnel Management

Despite the looming cybersecurity talent shortage, there are still ways to recruit, train and retain the right cybersecurity professionals. Financial incentives are the most effective way to attract senior and experienced cybersecurity experts. Besides monetary compensation, employers can offer their employees opportunities to advance their careers through learning and education, rotational assignments, and mentoring.

Financial incentives are the only way to attract senior and experienced cybersecurity experts.

The current cybersecurity workforce is falling short of global demand, and there is a severe shortage of skilled workers in all sectors. The shortfall is estimated at 145 percent of the global workforce or four million people. For example, Europe’s financial markets struggle to hire staff with the necessary cybersecurity expertise. An Executive Board member for the European Central Bank recently noted that cybersecurity expertise was urgently needed across Europe.

Financial incentives should be a key part of cybersecurity hiring strategies. The cybersecurity workforce should be compensated competitively, and organizations should invest in developing a culture of collaboration among employees. Moreover, organizations should invest in developing cybersecurity skills by providing opportunities for advancement, flexible work hours, and flexible working locations. Finally, they should invest in corporate social responsibility initiatives and highlight the value of cybersecurity as a priority.

As an employer, you should consider exploring nontraditional sourcing methods, such as veterans’ programs or nontraditional education. This is because learning capability is more important than a technical skill set. You should also reach out to academic institutions with excellent cybersecurity talent.

Learning and continuing education

Companies are responding to the cybersecurity talent shortage by offering training to potential employees. For instance, Bank of America has partnered with the Liberty Science Center in New Jersey. The goal is to offer cybersecurity jobs to students who complete the program. The bank focuses more on skills than credentials in its search for cybersecurity talent.

As more companies seek to secure customer data and other sensitive information, they must ensure that their workforce has the appropriate skills to meet the growing demand. However, many organizations still view cybersecurity as a back-office expense, which results in a shortage of qualified professionals. To deal with this problem, organizations must hire entry-level staff, upskill existing employees, and encourage a new generation of individuals to consider a career in the field.

Increasing diversity in the cybersecurity workforce is critical to closing the skills gap. For example, in North America, only 25% of the cybersecurity workforce is female, and most of those working in the field are Caucasian. By diversifying the workforce, employers will likely attract a wider range of talent and increase innovation.


The cybersecurity talent shortage is one of our industry’s biggest challenges today. With the world becoming increasingly digitized and the number of malicious targets growing exponentially, it is no surprise that organizations are finding it difficult to fill open positions. Fortunately, organizations can take some proactive measures to close the gap. One way to do this is through the use of mentorships.

Mentorships are essential for a variety of reasons. First, they can help cybersecurity pros develop new skills and develop their experience. New employees often lack the experience necessary to transition to their new roles successfully. Offering mentorships, rotational assignments, and shadowing opportunities can help new hires get the experience they need to be successful. And since not everyone knows what they want to do from the start, cybersecurity employers need to provide them with creative freedom and opportunities to explore new technologies.

The cybersecurity talent shortage has become a global concern. According to the ISC2 Cybersecurity Workforce Study, more than 1.5 million open positions are worldwide. And while this may seem like a lot of open positions, it still doesn’t reflect the true size of the cybersecurity workforce. As a result, cybersecurity firms need to recruit a skilled workforce to stay competitive and grow.

Rotational assignments

President Biden has signed legislation to create a rotational cybersecurity program allowing federal employees to switch departments for a year or 60 days. This program aims to attract cybersecurity professionals by providing them with professional experience at multiple federal agencies. The law comes amid a growing cybersecurity talent shortage. According to the Cyber Workforce Tracker, over 714,000 open cybersecurity jobs currently exist. Of these, nearly 39,000 are in the public sector.

Organizations should relax their job requirements to address this growing shortage and provide training, education, and certification support for those without previous experience. This way, they can tap into a broader pool of workers. Additionally, organizations should encourage employees to seek cybersecurity positions if they have a particular aptitude for the field. Another way to attract cybersecurity candidates is by focusing on continuous learning. Finally, organizations should also be open to accepting other employees interested in a cybersecurity career.

Organizations should look to nontraditional talent models to make the most of their limited cyber talent supply. By offering on-demand staffing for activities with fluctuating capacity, organizations can help supplement existing cybersecurity talent with specialized knowledge. Additionally, they can use crowdsourcing to provide global insights into problems and specialized knowledge in critical areas.