It’s no secret that cybersecurity is the single largest challenge facing CIOs and tech leaders in 2017. With mass digitalization, exponential increases in big data volume, the growing popularity of the Internet of Things, and increasingly complex applications, security must not be an afterthought or a retrospective update. Across the nation, companies are scrambling to find top talent to secure their data and infrastructure, but finding the right professionals is problematic. Below, we explore several 2017 hiring trends in cybersecurity, with the hope that this insight will assist your search.
Growing Cybersecurity Threats
Enterprise-level cyberattacks are no longer a distant possibility. With experts predicting that cybercrime will result in a global cost of $6 trillion by 2021, there’s no denying that threats and vulnerabilities in your technical infrastructure are likely a given.
15 years ago, organizations could secure their IT systems at the perimeter, but as cloud technologies and data volumes both grow exponentially, it has become increasingly difficult to defend and protect against hackers. Furthermore, attacks from the inside – with cyber criminals using stolen authentic credentials or employing end-user manipulation – are on the rise. Additionally, with the Internet of Things thriving in popularity, connected devices present a growing number of entry points from which hackers can attack.
Ultimately, cybersecurity can no longer be an afterthought when it comes to building new and updated applications, software, systems and networks. It must be integrated from inception, and organizations will be held increasingly accountable for having security tactics and defenses in place.
The Shortage of Cybersecurity Professionals
Inevitably, increased cyber threat leads to increased demand for security professionals. Unfortunately, supply simply can’t keep up. Global spend on cybersecurity is expected to reach $1 trillion over the next four years, yet by just 2019, experts foresee a cybersecurity skills shortage to the tune of 1.5 million unfilled jobs.
While we typically view low unemployment rates as a positive sign, the zero percent unemployment rate in cybersecurity is a huge challenge to organizations world-wide. The need for these professionals has simply grown faster than the rate at which they can be trained. In response, some companies are choosing to cross-train tech professionals from other areas of IT. Others recognize the importance of hiring new graduates, who are educated in cybersecurity but have little to no on-the-job experience. In both cases, training is essential.
Finding seasoned security professionals is a much greater challenge. Most are happily employed, or at least only passively searching for new opportunities. This means they won’t be on job boards or in resume databases. They can more easily be found through networking, referrals, and competent recruiters, but even then, it’s going to take a lot to recruit them.
Inflated Cybersecurity Salaries
The candidate market is a little like the housing market; when more people are searching for a great house in a hot location that’s move-in ready without so much as an extra lick of paint, competition skyrockets, people start out-bidding each other, and the price tag increases exponentially.
It should come as no surprise, then, that the average salary for a cybersecurity professional has likewise increased. According to our own research, hiring the top 25% of talented professionals will require a 15-25% higher salary. For the best security engineers in Dallas, for example, you’re looking at a $150,000 price tag.
A recent Computerworld survey indicated that 47% of organizations plan on increasing their IT budgets for security technologies in 2017. In fact, security is the largest leadership challenge among all companies surveyed, and admittedly the most difficult to hire for. In short, IT leaders must recognize that if they are to protect their business against cyber threat, they almost certainly need to allocate more of their budget to hiring top security professionals. Check out our regional 2017 IT Compensation & Hiring Guides for the most up-to-date salary information.
Diversity in Cybersecurity
Some experts claim that part of the root cause of the cybersecurity talent shortage is a lack of diversity. Discrimination – even if it’s unconscious bias – can be a major demotivator to people who may otherwise enter or stay in the industry, and this seems to be a problem in IT in general, especially cybersecurity. This issue appears across lines of gender, ethnicity, and generation.
A recent study found that only 11% of security professionals are women, a statistic that has remained stagnant over the last couple of years. Minorities are also severely underrepresented, at just 12% of the workforce. For organizations to help overcome the cybersecurity talent shortage, it’s essential to understand the issue of bias and discrimination – whether conscious or unconscious – in order to attract and retain more of these groups to the industry.
It appears that there’s also a generational bias in the cybersecurity sector, with Millennials seen as more of a risk to security than a solution. Although, as mentioned, some companies are open to hiring new graduates and training them, others are wary about the digital habits and attitudes that this generation brings to the workplace. In the UK, only 12% of the cybersecurity workforce is under the age of 35 and all data suggest the US is facing similar trends. Considering that Millennials have become the largest generation in the workplace, that statistic is unnerving.
Hiring for Cybersecurity in 2017?
Information security is one of the top areas of focus for tech leaders this year. The threat of cyberattacks is no longer a distant possibility, reserved for big-name brands or billion-dollar companies. If your goal for 2017 is to augment your cybersecurity workforce, it’s clear that there are many factors to consider in recruiting, retaining and training these professionals.
Are you hiring in 2017? For more key market data and in-depth compensation analysis, find your complimentary 2017 IT Hiring and Compensation Guide here.
Shannon Volk is the Managing Director, Phoenix of MDI Group. If you are interested in learning more about how to justify hiring the best IT talent, contact Shannon directly at firstname.lastname@example.org, or call us 888-416-7949. MDI Group has offices and specializes in recruiting IT talent in Atlanta, Austin, Charlotte, Dallas/Fort Worth, Greenville and Phoenix.