Despite adding more than 4,64,000 workers in the past year, the cybersecurity workforce gap has grown more than twice, and in the Asia-Pacific region, the shortage exceeds 2.16 million, putting organisations at a “moderate” to “extreme” risk of cyber attacks, a new report has revealed.
The size of the global cybersecurity workforce is currently at 4.7 million people. However, the cybersecurity field is still critically in need of more professionals, according to the 2022 ISC2 Cybersecurity Workforce Study.
“To adequately protect cross-industrial enterprises from increasingly complex modern threats, organisations are trying to fill the worldwide gap of 3.4 million cybersecurity workers,” the findings showed.
The report surveyed 11,779 international practitioners and decision-makers to gain their unique perspectives and experiences about working in the modern cybersecurity profession.
While the global cybersecurity workforce grew 11.1 percent year-on-year, adding 464,000 roles in 2022.
Asia-Pacific clocked the highest growth at 15.6 percent, while EMEA’s workforce expanded by 12.5 percent.
North America, which saw the least growth (6.2 percent), still has the largest pool of cybersecurity professionals at 1.34 million.
“The workforce gap is not going unnoticed by cybersecurity workers as nearly 70 per cent feel their organisation does not have enough cybersecurity staff to be effective. The shortage is particularly severe in aerospace, government, education, insurance and transportation,” said the study.
More than half of employees at organizations with workforce shortages feel that staff deficits put their organization at a “moderate” or “extreme” risk of cyberattack. And that risk increases substantially when organizations have a significant staffing shortage.
Compared with last year, far more cybersecurity professionals indicated that their organization had experienced issues like lacking proper time for assessment and oversight of processes, slow patching of critical systems, and inadequate time and resources for training as a consequence of staffing shortages.
Automation is becoming more prevalent in cybersecurity as 57 percent have adopted it today, and an additional 26 percent plan to adopt it in the future.
While it isn’t likely to take the place of cybersecurity workers at any time in the foreseeable future, automating processes that are consistent and repeatable frees up workers to focus on higher-level tasks.
“This may reduce staffing shortage issues without requiring additional staff,” the study said.