Emerging Technologies

The cybersecurity industry has an urgent talent shortage. Here’s how to plug the gap

Programmer working at their desk.

The global cybersecurity industry is in need of 4 million more professionals. Image: Unsplash/Jefferson Santos

Michelle Meineke
Senior Writer, Forum Agenda
This article is part of: Centre for Cybersecurity
  • The global talent shortage, which spans nations states and industries, could reach 85 million workers by 2030, causing approximately $8.5 trillion in unrealized annual revenue.
  • Four million professionals are urgently needed to plug the talent gap in the global cybersecurity industry.
  • Attracting, training and retraining cybersecurity professionals is key to helping organizations and society stay safe online, according to the World Economic Forum’s Strategic Cybersecurity Talent Framework white paper.

A global shortfall in cybersecurity talent must be tackled rapidly. That’s the view of the World Economic Forum in its Strategic Cybersecurity Talent Framework white paper, which aims to rally millions of industry professionals to help safeguard our digital world.

The global cybersecurity workforce grew by 12.6% between 2022 and 2023 – a significant year-on-year climb for any industry. But the talent gap is still far from filled. Today, four million workers in the cybersecurity industry are needed worldwide, the white paper highlights.

Have you read?

The workforce shortage is a global concern that spans nation states and industries. Estimates suggest that by 2030 there could be a global talent shortage of more than 85 million workers. In just six years, the Forum says this significant talent squeeze could lead to an estimated $8.5 trillion in unrealized annual revenue. If this sum was the GDP of a country, it would be the third highest in the world after economic superpowers the US and China.

The cybersecurity industry is affected by this global shortage of workers and urgently needs to take actionable approaches to attract and retain skilled staff. Two-thirds of organizations face additional risks because of cybersecurity skills shortages, yet only 15% of firms expect cyber skills to significantly ramp up by 2026, the white paper explains. The Forum notes that the cyber industry’s continual demand for talent means “there is little optimism that the supply will catch up” despite intensifying pressure points.

Visual representation of the Cybersecurity Talent Framework
There are four priority areas identified for attracting cybersecurity talent. Image: WEF/Strategic Cybersecurity Talent Framework

Vital buffers against cybersecurity attacks

Cybersecurity talent is the industry's main defence against a rapid rise in online attacks that are increasingly complex and unpredictable.

The extraordinarily fast evolution of cyber attackers’ abilities is inadvertently being complemented by a growing choice of technologies – such as AI, big data and predictive analytics – that they can use to leverage their threats.

There was a 72% climb in the number of data breaches worldwide in 2023. The healthcare sector is particularly vulnerable, says Natasa Perucica, Capacity Building lead at the Forum’s Centre for Cybersecurity, because attacks “can result in consequences that can have implications for the human life of patients”. She gives the example of deliberate misplacement of prescriptions, or taking control of medical instruments.

Consequently, it is “imperative for decision-makers to prioritize cybersecurity talent management as a strategic necessity,” the Forum says. Collective efforts, such as the Forum’s Bridging the Cyber Skills Gap, can help build positive momentum.

Discover

How is the Forum tackling global cybersecurity challenges?

Cybersecurity shortages are worldwide

According to the recently released whitepaper, cyber's talent shortage is greatest in Asia-Pacific and North America, but the challenge for the cybersecurity industry is global.

India is home to nearly one-third of the world’s graduates in science, technology, engineering and mathematics (STEM), yet 30% of its 40,000 job vacancies for cybersecurity professionals in May 2023 were not filled due to talent shortages, the white paper finds.

In Africa, there are approximately 20,000 certified security professionals in a continent of 1.4 billion people.

The challenge is certainly not exclusive to developing nations. In the UK, 43% of small and medium-sized enterprises (SMEs) haven’t been able to hire cybersecurity support and there are more than half a million vacancies for cybersecurity professionals in the US, despite it being ranked the world’s most digitally competitive nation.

Enablers of the Cybersecurity Talent Framework
The cybersecurity workforce landscape needs to be multifaceted to help secure our increasingly digitalized world. Image: WEF/Strategic Cybersecurity Talent Framework

How can organizations attract cybersecurity talent?

Workers have more career choices than ever, which is partly due to our increasingly hyperconnected world. This means the cybersecurity industry must work harder to capture potential employees’ attention, such as illustrating value-based and multifaceted career paths, the white paper says.

The stakes can be high. Previous cyberattacks have revealed billions of individuals’ data records and cost billions of US dollars. Unsurprisingly, technical skills are often in the spotlight when it comes to careers in the cybersecurity industry. However, softer skills are also highly valued, “in order to be able to deal with the complexities of cybersecurity,” says Perucica, with communication, teamwork and troubleshooting skills forming a core part of professionals’ cyber journey.

Finding, hiring and training the millions of cybersecurity professionals required by 2030 is a vast challenge, so it is important that hired talent want to build long-term careers in the industry, says the white paper.

But it’s also important to remember that “cybersecurity is not just the responsibility of cybersecurity professionals, but it is also the responsibility of all the other employees working for the organization in question,” says Perucica. “Through their responsible behaviour and responsible use of digital technologies, like their devices, they contribute to the security of the overall organization.”

Loading...
Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Related topics:
Emerging TechnologiesJobs and the Future of Work
Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

5 ways to achieve effective cyber resilience

Filipe Beato and Jamie Saunders

November 21, 2024

Why AI is Southeast Asia's new engine for profitable growth

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum