Understand the Cyber Skills Shortage to Get Ahead

Jason Yakencheck
Author: Jason Yakencheck, Past President, ISACA Greater Washington D.C. Chapter
Date Published: 14 May 2021

Cybersecurity remains a seller’s market. Threats and exploits continue to be more sophisticated and increase in frequency. Organizations understand the acute need for attracting and retaining top cybersecurity talent. As such, the demand for highly qualified staff continues to be high and presents those with the right skill sets and understanding of market trends an opportunity to take the next steps in their career progression.

ISACA’s State of Cybersecurity 2021 report (part 1) details current trends in cybersecurity workforce development, staffing and cybersecurity budgets. The insights provided in this study can be a valuable resource for anyone looking to enter the cybersecurity field or advance their career. The data continues to reinforce trends seen in prior years and demonstrates the critical needs for both technical and soft skills. According to the report, 55 percent of survey respondents say they have unfilled cybersecurity positions and “hands-on cybersecurity experience remained the primary factor in determining whether a candidate is considered” for a potential role.

With a comprehensive understanding of cybersecurity market trends, applicants can devise a plan to build in-demand skills and enhance their resumes. Hands-on experience and training through ISACA’s CSX programs is an effective avenue to increase technical skills. When technical skills are coupled with cybersecurity certifications, it can go a long way to differentiating a potential candidate. While security certifications, like CISM and CISSP, matter as a benchmark to establish credibility, not everyone has the means to pursue a certification early on in their career without support from their employer. There are many qualified candidates who do not possess a certification. It is more important to look at someone’s complete body of work rather than deciding solely based on whether someone has a certification. As shown in the State of Cybersecurity report, demonstrated prior hands-on experience and technical acumen is going to carry the most weight.

Hiring managers often are trying to identify the right skill mix and diversity across their teams in order to achieve successful outcomes. Bringing together complementary skillsets and different perspectives increases the likelihood of achieving the desired outcomes of the organization. It is easy to focus on specific technical skills since they are the most tangible and quantifiable, but the data compiled in the 2021 State of Cybersecurity report once again shows the importance of soft skills in cybersecurity. Cybersecurity professionals should not lose sight of the value soft skills bring to their job and career progression.

Career aspirations and interests are unique to each person. Ultimately, it is important for each individual to understand the most effective approach to increasing skills and bolstering their resumes to differentiate themselves to take their career in the direction they want to go. Understanding the skill gaps, market trends and industry sentiment as detailed in the ISACA State of Cybersecurity report is a great asset to understand and identify personal growth opportunities.