As of last month, the unemployment rate in the United States hovered around 3.5%, a near 50-year record low. For many businesses that means good help is increasingly hard to find. Likewise, according to new data from job search site Adzuna, 33% of job seekers responded that they wouldn’t even go to a job interview without first knowing the salary the employer was willing to offer.
This has presented increased challenges for employers, and that is especially true in the Information Technology (IT) sector, especially for those working in cybersecurity. In fact, employer demand for cybersecurity professionals is so high that it continues to strain talent availability.
Cybersecurity is now one of the most in-demand professions in the United States, and it likely could remain so for the foreseeable future according to new data from CyberSeek, a cybersecurity workforce analytics platform developed in partnership with National Initiative for Cybersecurity Education at NIST, Lightcast, and CompTIA.
For the 12-month period ending in September 2022, employers had listed 769,736 openings for cybersecurity positions or jobs requiring cybersecurity skills. During that period, employer demand for cybersecurity workers grew 2.4 times faster than the overall rate across the U.S. economy. Moreover, nine of the 10 top months for cybersecurity job postings in the past 10 years have occurred in 2022.
“The data should compel us to double down on efforts to raise awareness of cybersecurity career opportunities to youth and adults, especially during Cybersecurity Career Awareness Week which is an international campaign to inspire individuals to explore the variety of types of cybersecurity-related roles that are needed in both the public and private sectors,” said Rodney Petersen, Director of the National Initiative for Cybersecurity Education (NICE).
Even with a slight pullback in hiring activity in the most recent months from the record volumes of earlier this year, total cybersecurity job postings for Q3 2022 tracked 30% higher than the same period in 2021 and 68% higher than in 2020.
The researchers noted that the supply-demand ratio held steady at 65, indicating approximately 65 cybersecurity workers in the labor market – the vast majority already employed, for every 100 cybersecurity job postings.
Cyberattacks Driving Hiring
Just as increased demand for consumer goods is outpacing supply, which has driven up inflation to record levels, demand for cybersecurity professionals is outpacing the supply of workers to fill the openings. The question is what is driving the demand?
In this case, it is the constant threat of cyberattacks.
“Demand for cybersecurity professionals goes up since the pace of cybercrime goes up,” said Jim Purtilo, associate professor of computer science at the University of Maryland.
Hiring more cybersecurity pros may not be the answer to stopping the attacks, Purtilo told ClearanceJobs.
“This won’t change until the business model for developing new applications stops rewarding ‘first to market’ over qualities like security and sustainability,” he explained. “Many in the field, unfortunately, treat security like it is separable property – something you can slap onto a product just as it goes out the door. Really, though, systems must be designed with security in mind.”
That could be especially challenging in the government sector where many networks consist of legacy systems and platforms as old as some of the users. It isn’t a cliché to say that the problem will likely get far worse before it gets better for those reasons. But even the new systems are plagued with many of the same issues.
“Developers who chaff at investing effort into any qualities that take velocity away from their creation of new products can still sell those products today, even without security baked in, and this reality keeps cybersecurity firms in business with cleanup,” added Purtilo.
Skills Sets Are Increasing
The good news for those seeking a career in cybersecurity is that there are now plenty of opportunities. However, the new CyberSeek data also showed that requirements for cybersecurity skills for specific occupations have increased dramatically in the last 12 months.
Simply put, the cybersecurity profession continues to expand into specialized fields, such as penetration testing and threat analysis. There is a similar expansion of cybersecurity skills requirements in adjacent positions such as auditor (+336%), software developer (+87%), cloud architect (+83%) and technical support engineer (+48%).
“The CyberSeek data reaffirms the critical importance of feeder roles and thinking more creatively about on-ramps and career pathways,” said Ron Culler, vice president cyber learning officer, CompTIA. “It is clear from the CyberSeek data that cybersecurity’s importance and impact reaches all levels of the tech workforce. We see this trend continuing and are committed to ensuring that cybersecurity professionals are prepared for the current and future challenges this will bring.”
Preparing the Next Generation
Another issue is how cybersecurity professionals are being trained. It can be hard to keep up with the changing landscape of the threats they may face, but then there are those concerns Purtilo already noted. Unless those can be addressed, cybersecurity may be an in-demand job that lacks the workers to fill all the positions.
“We know how to make quality systems, and my software engineering students enjoy spectacular demand in the sectors that care about quality, but it is tough to lure beginning students onto this more difficult educational path when the market will absorb all the programmers a school can churn out,” Purtilo continued. “And many of those programmers are not just making software, they’re making business for cyber firms to clean up after them.”