This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017.
Cybersecurity is facing a shortage of qualified professionals to occupy the many openings within the sector. Earlier this year, Forbes and other sources pegged job vacancies for available cybersecurity sector jobs at 74 percent for the last five years, and that percentage number is expected to increase globally as security concerns become greater for small, medium and large businesses. In addition, new government regulations and best practices for security will put increasing pressure on the cybersecurity infrastructure of many organizations, making talent shortages that much more visible. So how will companies find this much needed talent and what does this mean for both employers and job seekers? Here are our talent hiring predictions for cybersecurity in 2017.
Security companies will continue to look beyond security for talent.
What we’re beginning to see is a shift toward organizations recruiting talent outside of the security space who possess the adaptable technical abilities to be successful within cybersecurity. In other words, many individuals working in cloud, SaaS, networking, virtualization and mobile technologies, even those without specific IT or network security experience, have the transferable skills to become cloud, SaaS, networking virtualization and mobile security experts. This trend will continue into 2017 and beyond.
Additionally, there is a plethora of IT and security-focused talent currently serving in the armed forces. As the search for cyber talent continues to grow, we can expect to see security companies expanding their veterans programs to aid the transition of qualified military personnel into the private sector. Not only is this a positive story for veterans programs – it’s also a powerful connector between cybersecurity jobs and field-tested cybersecurity talent.
Beyond that, we will see security organizations investing more resources into recruiting “next-generation” talent. Large research universities are beginning to incorporate security into the fabric of a well-rounded STEM education; some have defined cybersesurity curriculum and courses of study, such as New York University. This will lead to an increase of young, educated individuals having more exposure to cybersecurity prior to their entrance into the workforce.
The need for non-technical security professionals will also increase.
As 2017 approaches, more non-technical professionals will enter the world of cybersecurity. Like any other emerging industry transitioning into a stable long-term institution, there will be a need to grow the infrastructure surrounding these new technologies. Sales, finance, accounting and human resources all-stars will all be highly desirable within the security space.
Additionally, there will be greater opportunities for talented marketers and storytellers to share the importance of security in a world defined by the Internet of Things. Cyber education and the emergence of thought leadership will be paramount in creating a more cyber-aware society, conscious of the importance of data protection and threat prevention.
It will also be incumbent upon organizations to reward and retain their best cyber talent – and make sure their cyber talent continue to enhance their skills. A recent study conducted by Enterprise Security Group and the Information Systems Security Association (ISSA) cited that 63 percent of cybersecurity professionals find it difficult to keep up with the demands of their jobs and building their skills. More progressive organizations will proactively invest in continuing education for their top talent.
Security will continue to be a desirable destination for job seekers.
Moving past 2017, the overall security industry is expected to grow upwards of $170 Billion by 2020. As cybersecurity continues to weave itself into the fabric of our digitally connected society, more industries outside of tech will be seeking qualified cyber professionals to setup and maintain secure and private infrastructures, fueling the need for qualified individuals.
A prime example of this is the healthcare industry. As concerns about patient privacy continue to rise, more healthcare providers will be in need of security professionals to safeguard the abundance of sensitive data flowing through their organizations. And as we’ve seen at many healthcare organizations, complying with regulations such as HIPAA is too often at odds with investing in the right security technology.
Acknowledging these needs will help the industry stay healthy and attractive for job seekers, especially with the potential for innovation when it comes to preventing successful cyber attacks. And it’s worth noting that many cyber professionals see the nobility of their work. There is a satisfaction in knowing that their efforts to protect data and safeguard information truly help organizations leverage their technologies for the greater good of society. Cybersecurity has moved beyond merely an IT spend – it’s imperative to protecting our way of life in the digital age. Forward-thinking organizations will know to prioritize investing in their people as much as they do their technology.
Companies acquire other organizations to inherit talent
Many startups specializing in a single security component have entered the space with hopes of their product being integrated into the platform of a larger vendor. The space to date has not seen too many wild acquisitions, but it is possible that they may become more common in the near-future.
Strong emergence of cybersecurity academies from larger players in the sector
With these academies, we will see more IT professionals being trained and certified on the implementation of company specific security products and architectures. While this may sound like an excellent solution to the cyber skills shortage, the cost to create these academies is high for many organizations and the infrastructure needed to maintain them is often challenging to create.
What are your cybersecurity predictions for talent hiring? Share your thoughts in the comments.
[Palo Alto Networks Research Center]