Cybersecurity workforce barely moves forward
The global cybersecurity workforce experienced almost no growth in the past year, with only a 0.1% increase, bringing the total to 5.5 million professionals. This flatlining is a sharp departure from previous trends.
In 2022, the sector saw a much healthier 8.7% rise in cybersecurity jobs. The current stagnation is the first since 2019, signaling growing challenges for companies trying to keep up with increasing cyber threats while facing a shortage of skilled professionals.
A tightening economic environment is partially responsible for the slowing workforce growth, creating pressure on businesses to do more with fewer resources.
Budget cuts, layoffs, and freezes hit cybersecurity hard
Organizations worldwide are facing financial pressure, and cybersecurity departments are not immune. Budget cuts, layoffs, and hiring freezes are making the existing shortage of cybersecurity professionals even worse.
According to a survey of cybersecurity professionals conducted by ISC2, 25% reported layoffs in their organizations, while nearly 40% observed budget cuts and hiring freezes.
This downward trend is creating vulnerabilities for businesses, as fewer staff are left to manage increasingly complex cyber threats. Reduced budgets are forcing organizations to limit new hires and stretch the capacities of their existing teams, making it harder to maintain adequate defenses.
The gap between cybersecurity workforce and demand keeps growing
Unfilled roles are skyrocketing in cybersecurity
The gap between the available cybersecurity workforce and the unmet demand for skilled professionals continues to widen. This year, the gap expanded by 19%, translating into 4.8 million unfilled positions globally.
The overall workforce required to meet current cybersecurity demand grew by 8%, now standing at 10.2 million professionals. The widening gap means that organizations worldwide are struggling to fill key roles, which is increasing their risk exposure.
As cyber threats grow more sophisticated, the shortage of professionals capable of defending against them presents an urgent challenge for businesses.
Hiring freezes due to tight budgets widen the talent gap
Budget constraints are a major factor limiting the ability of organizations to hire more cybersecurity professionals, even though the need for additional staff is clear.
Companies are often unable to allocate the necessary funds to expand their teams, further widening the gap between the workforce and demand. The disconnect between the critical need for more professionals and the financial ability to hire has left businesses vulnerable, with insufficient manpower to cover all areas of cyber defense.
Cybersecurity job postings take a dive
Demand for cybersecurity professionals is dropping
While the need for cybersecurity talent is growing, demand for new professionals is decreasing. In the U.S., cybersecurity job postings have dropped by 5.4% year-over-year, according to LinkedIn data.
This decrease is the largest among the 14 countries tracked, indicating that companies are hesitating to invest in expanding their cybersecurity teams despite escalating threats.
Dropping demand may reflect companies’ reluctance to make new hires during economic uncertainty or shifting focus to other areas of business.
Cybersecurity workforce in the U.S. shrinks by 3%
The U.S. maintains the largest active cybersecurity workforce globally, with nearly 1.3 million professionals. However, this figure represents a 3% decline from the previous year, when the workforce stood at approximately 1.34 million.
The contraction highlights the strain being felt across the sector, with fewer professionals available to fill vital roles. Ongoing reductions in the U.S. cybersecurity workforce could have a lasting impact on businesses’ ability to respond to new threats effectively.
Cybersecurity threats are harder than ever but teams aren’t growing
Cybersecurity professionals are facing the toughest threat landscape in years
Nearly 75% of cybersecurity professionals agree that the current cyber threat environment is the most challenging they’ve experienced in the past five years. With attacks becoming more frequent and sophisticated, the pressure on security teams is mounting.
Yet, the workforce remains stagnant, leaving organizations with fewer resources to combat increasingly complex threats. The imbalance is putting companies at higher risk, as smaller teams struggle to stay ahead of cybercriminals who are leveraging advanced techniques and technologies to exploit vulnerabilities.
Skills shortage and capabilities gap are hitting security teams
A shortage of skills is compounding the issue. 90% of respondents in the cybersecurity field report a lack of necessary skills within their organizations. This skills gap has become a more pressing issue than overall staffing shortages, with two-thirds of professionals noting that the absence of specific expertise is the primary challenge in defending their organizations.
These gaps create weaknesses that can be exploited by cybercriminals, leaving organizations exposed to breaches that could have been prevented with better-trained personnel.
Skills gap widens as entry-level hiring stalls
Organizations aren’t developing entry-level talent fast enough
The lack of entry-level talent is becoming a serious issue within cybersecurity. Nearly 1 in 3 cybersecurity teams do not have any entry-level professionals, which creates a long-term talent development problem.
Through focusing almost exclusively on hiring mid- and advanced-level candidates, companies are overlooking the need to build a pipeline of new talent—which may alleviate short-term demands—but leaves organizations unprepared for future growth and succession planning.
Lack of internal talent development is deepening the cybersecurity shortage
Many organizations lack policies that focus on developing entry-level talent internally, further deepening the skills shortage over time. This lack of internal development programs contributes to the long-term scarcity of cybersecurity professionals and prevents companies from creating a steady flow of trained personnel ready to step into critical roles.
Without a focus on nurturing new talent, the sector faces a continuous struggle to meet the growing demand for cybersecurity expertise.
Broader economic factors are pushing the cybersecurity industry down
Economic uncertainty, combined with contraction in certain markets, is having a direct impact on the cybersecurity sector. Companies are hesitant to invest in expanding their cybersecurity teams during uncertain times, and broader economic pressures are influencing hiring and budget decisions.
Business contraction, particularly in industries hit hard by the current global situation, is beyond the control of the cybersecurity industry but is weighing heavily on its growth prospects.
Cybersecurity experts see a bright future despite current stagnation
Although the current outlook for cybersecurity workforce growth is bleak, industry experts remain optimistic. They predict that the sector will continue to grow in the long term, driven by the evolving nature of cyber threats and the need for better defenses.
Businesses are expected to renew their investment in cybersecurity as they recognize the need to secure their operations against rising threats. Experts believe this stagnation is temporary and that the industry will bounce back stronger in the coming years.
New U.S. initiative aims to close the cybersecurity skills gap
National Cyber Director Harry Coker Jr. has launched a new initiative aimed at addressing the cybersecurity workforce shortage in the U.S. The program seeks to fill the growing number of unfilled roles by targeting candidates who lack traditional qualifications, such as degrees in computer science or engineering.
Through broadening the pool of potential applicants, this program is designed to bring more people into the field and close the skills gap, particularly by focusing on practical, hands-on training rather than formal education.
Final thoughts
As cybersecurity threats evolve and the workforce struggles to keep pace, what steps will your brand take to make sure it stays protected in this increasingly complex environment? Are you prepared to invest in the right talent and innovative strategies to safeguard your business, or will you risk falling behind?