2023 ISC2 Study Reveals Cybersecurity Workforce Gap at All-Time High

With the advent of generative AI and a slew of other new digital technologies, there has been much speculation about the state of the workforce—particularly as it pertains to cybersecurity. It’s a common apprehension that robots are poised to take over human-dominated professions, leaving fewer options for skilled labor. A recent report from ISC2, however, reveals that the global workforce gap is continuing to grow, with a 12.6% increase in the last year alone. Though cybersecurity professionals have not been immune to cutbacks, there is a significant need for additional staff to prevent and troubleshoot security issues.

Here, we’ll take a look at some of the key findings from the 2023 ISC2 Cybersecurity Workforce Study, which surveyed 14,865 cybersecurity professionals to better understand the current state of the industry.

Despite ‌continued growth in the workforce, the ISC2 study revealed that demand outpaced supply by an additional 12.6% this year. The greatest rise is occurring in the Asia-Pacific region (especially Japan and India) and North America. However, areas with particularly rapid growth in supply like the Middle East and Latin America are seeing demand catch up, shrinking their workforce gap year-over-year.

Though the workforce gap continues to grow, cybersecurity professionals are experiencing significant cutbacks. ISC2 reports 47% of cybersecurity workers have experienced cybersecurity-related cutbacks—including layoffs, budget cuts, and hiring freezes. An additional 28% have had layoffs elsewhere in their organizations, which significantly impacted the cybersecurity workforce. Approximately 41% of respondents feel as though these cutbacks have affected their security team disproportionately in comparison to the rest of their organization.

Although it’s not currently a top requirement from hiring managers, the demand for artificial intelligence skills is growing. For the first time, AI/ML skills (28%) were ranked among the top five in terms of demand. This represents a significant jump since 2022 when they were near the bottom of the list of desired skill sets. This increase in AI/ML skill demand is especially critical as AI is expected to overtake worker/skill shortages as the biggest challenge in cybersecurity in the next two years.

As the threat landscape continues to evolve, cybersecurity professionals are experiencing new risks and challenges. The topic of AI’s impact has become unavoidable, and organizations are forced to adapt to keep their cloud email environments safe from advanced attacks. In fact, 36% of cybersecurity professionals cite the risks of emerging technologies like blockchain, AI, VR, quantum computing, and intelligent automation as their biggest challenges experienced over the last 12 months. Additionally, 45% of respondents predict these new technologies will become the number one challenge in the next two years.

The demand for AI/ML knowledge among cybersecurity employees has risen dramatically, yet 84% of respondents said they possess either minimal or only moderate knowledge of these skills. This gap between demand and availability of AI/ML skills (32%) is second only to the gap in cloud computing security (35%), so it is clear that immediate access to AI-based professional development is an urgent need.

Despite the challenges presented by AI, many cybersecurity professionals remain hopeful about the potential of the technology. Thirty percent of respondents viewed AI as one of the three most beneficial advancements for protecting their organization, behind zero trust (34%) and automation (40%).

For many cybersecurity professionals, the challenges associated with the threat landscape have hit an all-time high. Seventy-five percent of respondents view the current threat landscape as the most challenging it has been in the past five years. Only 52% believe that their organization is properly equipped with the tools and people needed to respond to sophisticated cyber incidents expected over the next two to three years. Those with shortages and skills gaps are even more worried about being able to keep their organizations secure in the face of advancing attacks.

Cybersecurity professionals are facing increasing challenges in their roles, with workforce gaps and skills deficits causing heightened stress levels. It is crucial for leaders in both the public and private sectors to acknowledge the need for support within the cybersecurity workforce and take action.

One of the most effective ways for organizations to fill their skills gaps and protect themselves from sophisticated, socially-engineered threats like business email compromise is to implement intelligent email security technology that combines cutting-edge behavioral science with risk-adaptive detection.

Abnormal’s AI-powered solution provides a modern approach to cybersecurity, fully automating email security and reducing manual efforts by up to 95%. This allows security teams to focus on higher-priority tasks, saving 15+ hours per week on average. While AI presents new challenges, it also offers opportunities for enhancing cybersecurity capabilities. Abnormal's role can be pivotal in leveraging AI to mitigate the workforce gap and enhance overall cybersecurity effectiveness.

Interested in learning more about Abnormal's AI-powered solution? Schedule a Demo today!