US Cybersecurity Worker Shortage Expanding

The demand for cybersecurity workers across the United State continues to grow, according to new data from CyberSeek.

Nationally, said the report, there were 301,873 cybersecurity job openings in the private and public sectors during the 12-month period between April 2017 and March 2018. This included 13,610 openings in the public sector.

The total employed U.S. cybersecurity workforce in the relevant 12 months is 768,096, the report said.

The new data from CyberSeek – a joint development of CompTIA and Burning Glass Technologies comes on the heels of a new government report that calls for immediate and sustained improvements in the country’s cybersecurity workforce.

According to the report, “employers increasingly are concerned about the relevance of cybersecurity-related education programs meeting the needs of their organizations.” The report was produced by the U.S. Departments of Commerce and Homeland Security as part of the 2017 Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.

“The cybersecurity talent shortage is widespread, impacting all 50 states” said Matthew Sigelman, chief executive officer at Burning Glass Technologies. “In every state, the employed cybersecurity workforce would have to grow by over 50 percent to align with the market average supply and demand ratio.”

Across all jobs, there were 6.5 employed workers per opening from April 2017 through March 2018. In cybersecurity, there are only 2.5 employed workers per opening, said the report,

The metro regions with the largest absolute number of cybersecurity job openings are Washington, D.C. (43,200 openings), New York (19,993) and Chicago (11,464). Among large metro areas cybersecurity job openings are most heavily concentrated in Washington, D.C. (540% more openings per capita than national average), Baltimore (190%), and San Jose, Calif. (180%).

CyberSeek is aligned with the National Institute of Standards and Technology’s NICE Cybersecurity Workforce Framework. This connection provides unprecedented visibility into the job roles that are most in demand.

The latest data shows that the largest number of job openings – 194,224 – are in the category of Operate and Maintain. This category includes work roles related to the support, administration and maintenance of IT systems, though not many pure cybersecurity roles. This demonstrates the ubiquity of cybersecurity skills across the technology spectrum, said the report.

“We’ve seen dramatic shifts in enterprise technology as organizations adopted a cloud-first mentality, mobile devices became ubiquitous and digital data has grown in relevance,” said Todd Thibodeaux, president and CEO, CompTIA. “Yet for all the focus on new and emerging technologies, cybersecurity remains the constant, led by a trained and certified cybersecurity workforce. CyberSeek demonstrates that the cybersecurity field is rich with opportunities for current and prospective technology professionals.”

CyberSeek includes a career pathway, identifying 10 core cybersecurity roles and five cybersecurity feeder roles, or career areas that may serve as stepping stones into cybersecurity. Of the core cybersecurity roles, the largest current demand is for Cybersecurity Engineers with 37,580 openings. Four of the 10 core cybersecurity roles have average advertised salaries over $100,000: Cybersecurity Architects, Cybersecurity Managers, Cybersecurity Engineers, and Cybersecurity Consultants. Of these, Cybersecurity Architects have the highest average salary at $133,000.

CyberSeek was created by CompTIA and Burning Glass Technologies through a grant awarded by NIST, a non-regulatory agency of the U.S. Department of Commerce. NIST promotes U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.