Already this year, the tech industry has seen 173 companies “offload” some 56,570 workers, according to data from Layoffs.fyi data. That is in addition to the 158,951 tech employees that were let go last year. Despite that fact, there are still not enough cybersecurity workers to fill the global openings.
Worldwide, there is a shortage of upwards to three to four million, with some 530,000 cybersecurity openings in the United States. The problem has become so dire that it was the topic of the Cyber Future Dialogue 2023 held during last week’s World Economic Forum in Davos, Switzerland.
“The cybersecurity workforce problem is real and is being felt globally,” said Gordon Pelosse, senior vice president, employer engagement at CompTIA the nonprofit association for the information technology (IT) industry and workforce.
“Every company is scrambling for talent, knowledge and solutions in an ever-evolving environment,” Pelosse said during the Cyber Future Dialog 2023 conference. He noted that automation holds promise, still requires human reasoning, strategic decision-making, design, support, and intervention to remediate many of the evolving attacks that we might expect.
Tech Sector Downsize Won’t Address the Issue
Even as companies such as Amazon and Microsoft announce plans to reduce their respective workforces, it is unlikely to impact the shortage of cybersecurity workers.
“The tech sector may be downsizing right now – and will likely continue to do so for balance of this year – but that is only because the ‘bigs’ got a little too far ahead of themselves during the pandemic,” explained Dr. Jim Purtilo, associate professor of computer science at the University of Maryland.
“They hired aggressively in response to the new stay-at-home and work-at-home world, and they made a ton of money too,” Purtilo told ClearanceJobs. “Now the companies are trying to get a little leaner for the current operating environment, and it is probably pretty appropriate. But remember, to this sector as a whole the economy’s ups and downs only affect how fast they print money.”
However, some talent may now be looking for new jobs as those tech giants cut their staff.
“These days, we’re seeing entire security teams recently getting terminated by financially struggling companies,” said Mika Aalto, co-Founder and CEO at Hoxhunt, a Helsinki-based provider of enterprise security awareness solutions.
“I disagree with that approach, but, unfortunately, it’s a fact of the market today,” Aalto said in an email to ClearanceJobs. “Still, someone has to man the security operations. As a result, we’re seeing more and more security operations outsourced to consultants and contractors, or to vCISOs and Global CISOs, or whatever you’d like to call it. This can work with smaller companies, but it’s risky. Security should be looked at as a competitive advantage and a growth strategy, not a luxury.”
Addressing the Shortage
Demand for cybersecurity professionals who can protect computers and computer networks will similarly remain strong. And even as the tech sector is downsizing, or perhaps because of it, there could be opportunities for those wishing to make a career change.
“There’s no shortage of interest in learning and participating in cybersecurity as a career path,” suggested Casey Ellis, Founder and CTO at Bugcrowd, a San Francisco, Calif.-based crowdsourced cybersecurity firm. “Even with recent tech sector job cuts, the needs in cybersecurity are so rapidly evolving and dynamic that the problem could be better described as a talent matching problem.”
Some organizations may now have the financial incentive to wait for the right applicant – and time could be on their side, they can be picky about who they hire and when
“However, layoffs from major tech companies give smaller businesses an opportunity to invest in new employees and gain an edge over the competition,” noted Davis McCarthy, principal security researcher at Valtix, a Santa Clara, Calif.-based provider of cloud native network security services.
“In particular, we are seeing that organizations are looking for more cybersecurity professionals with experience in developing and securing cloud-native technologies–more so than in the last few years,” McCarthy said via an email.
What remains certain, even in these uncertain times is that cybersecurity demand will likely continue.
“Computers aren’t going away,” said Purtilo. “Frankly, since we had a shortfall of cybersecurity professionals in the workforce before, maybe a little tamping of the economic brakes will let the supply catch up with demand. And moving forward, the shape of cybersecurity may evolve in coming years – I would say it must evolve – but there will always be demand for professionals who understand the fundamentals, bring fresh critical thinking skills to work each day and adapt smoothly to the changes in specific technologies.”