Our friends at ISACA® report the results of the annual ISACA global 'State of Cybersecurity' Survey, conducted in the fourth quarter of 2019. This Part 1 survey report highlights current trends in cybersecurity workforce development, staffing, budgeting and gender diversity. The report echoes - and reaffirms - key findings of prior years: Enterprises are still short-staffed in cybersecurity, struggle to find sufficient talent for open positions and expect their cybersecurity budgets to grow. Efforts to increase the number of women in cybersecurity roles progressed slightly, and more enterprises established gender diversity programs.

Challenges Persist in Cybersecurity Resourcing

ddls blog isaca cyberthreats resources

The demand for cybersecurity talent2 has steadily risen, which is good news for new and aspiring practitioners. Although this year’s survey results on staffing are largely consistent with prior-year data, current data reveal a sizeable shift away from assessments of significantly understaffed to appropriately staffed (figure 3). Last year, 21 percent of respondents reported that their cybersecurity team was significantly understaffed; only 15 percent report the same perception this year. The percentage of respondents who believe that their cybersecurity team is appropriately staffed increased from 25 percent last year to 31 percent this year. The industry remains a seller’s market and, consequently, enterprises face resourcing and retention issues. Analysis of this year’s responses confirms that understaffed organizations are significantly more likely to have retention issues. Additionally, understaffed teams are significantly more likely to have experienced more cyberattacks during the last year - a point supported by other cyberworkforce data.

Qualifications and Confidence Levels

ddls blog isaca cyberthreats qualifications

Survey results indicate that hiring manager confidence is low when it comes to applicants. Figure 10 indicates that 70 percent of respondents generally do not believe their applicants are well qualified. Although this datapoint alone does not characterize deficiencies among applicants, it does help to explain delays in filling positions - not surprisingly, 73 percent of respondents who reported less than 25 percent of their applicants are well qualified have unfilled positions longer than three months.

You can download the full report here.

View all of our ISACA courses here.



Feature Articles


Blog
2024-2025 Government Budget: Focusing investment in cyber security skilling
By Jeremy Daly | 1 July 2024
Blog
The Growing Importance of Management Skills and the AMA CPM Certification in 2024
By Gary Duffield | 29 July 2024
Blog
The ASD’s Essential Eight: How to Implement Cyber Security Strategies with Training
By Leif Pedersen | 14 October 2024
Blog
5 Common RPL Challenges and How to Overcome Them
By Shanil Sharma | 15 August 2024
Blog
Transforming Your Business and Workforce with Microsoft AI Training
By Leif Pedersen | 30 July 2024
Blog
Security maturity is not a technical-only problem - invest in your people
By Jeremy Daly | 11 November 2024