Is There a Cybersecurity Skills Shortage?

On Sep. 5, 2020, CNBC released a news brief that over 4 million cybersecurity roles are required globally to close the skills gap, with over half a million required in the United States alone. While some may consider this to be news, those within the industry believe that it’s an existing situation being made worse with the onset of COVID.

Cybersecurity Skills Gap

In April 2019, the global cybersecurity workforce was estimated to be around 2.08 million professionals, as per a study by (ISC)². To fill the skills gap in cybersecurity, there’s a need for 4.07 million additional professionals.

Harvard Business Review also quotes, “The majority of chief information security officers (CISOs) around the world are worried about the cybersecurity skills gap, with 58% of CISOs believing the problem of not having an expert cyber staff will worsen.”

So what’s made it worse during COVID? A recent (ISC)² study indicated that cybersecurity incidents have escalated after moving to remote work as per 23% of organizations. Some of them have experienced a twofold rise in these incidents. Compound this startling statistic with 47% of respondents indicating that they “have been taken off some or all of their typical security duties to assist with other IT-related tasks, such as equipping a mobile workforce.”

What is an organization to do when faced with such a significant challenge

With little foreseeable change happening in the labor market, the only solution that organizations have is to automate:

  1. Tools exist that enable developers to consistently implement security and compliance standards into software so that it can be tracked by an organization. These tools allow security experts to focus on high-value organization solutions.
  2. These same solutions need to ensure that all developers have access to the same security information and requirements via on-demand training. Security experts rarely have time to train individual developers, and developers don’t have time to sit through training they may not use for weeks.
  3. These solutions need to eliminate as many software vulnerabilities as possible so that developers don’t spend time repetitively working through the very same piece of code. Organizations with limited staff need to use developers as effectively as possible.

Can Balanced Development Automation solutions help

The future of the business relies on being digital – and the software being deployed better be secure and protect privacy! Organizations might be fast and risky by relying on testing, scanning, and audits, then fixing code. Or perhaps they’re slow and safe, producing threat models, risk assessments, and security requirements with scarce and expensive experts.

However, from the statistics we’ve provided above, organizations are likely moving in a fast and risky direction. But what if organizations could go fast and safe, proactively building in security and compliance at scale?

Go Fast. Stay Safe.

Security Compass, a leading provider of cybersecurity solutions and advisory services, enables organizations to adopt Balanced Development Automation for rapid and secure application development. With its flagship product, SD Elements, the company helps automate significant portions of proactive manual processes for security and compliance that improve time to market for new technology. In addition, they offer advisory services on how organizations can embrace emerging technologies like cloud to strengthen their security posture. Security Compass is the trusted solution provider to leading financial organizations, technology enablers, and renowned global brands. The company is headquartered in Toronto, with offices in the U.S. and India. Follow Security Compass on Twitter @securitycompass or visit them at to learn more.