Cybersecurity Jobs, 2015Burning Glass Technologies Research
A new Davos report using our data answers a basic question about technology and the future of work: in many cases, it’s cheaper to reskill workers than to hire new ones.
Using Burning Glass data, the Drucker Institute identified the top 250 best U.S. companies. Here’s an inside look at what makes these companies so innovative.
Cybersecurity Jobs, 2015
American employers have realized the vital importance of cybersecurity—but that realization has created a near-term shortage of workers that may require long-term solutions.
Cybersecurity was once the province of defense contractors and government agencies, but in this, the third edition of our annual cybersecurity job market analysis, we find hiring has boomed in industries like Finance, Health Care, and Retail. A glance at the headlines is enough to explain why. In addition to the federal Office of Personnel Management, recent cyber breaches have hit major consumer companies like Chase and Target. According to PwC’s 2015 State of US Cybercrime Survey, a record 79% of survey respondents said they detected a security incident in the past 12 months. Many incidents go undetected, however, so the real tally is probably much higher.
Yet we are also seeing multiple signs that demand for these workers is outstripping supply. Job postings for cybersecurity openings have grown three times as fast as openings for IT jobs overall and it takes companies longer to fill cybersecurity positions than other IT jobs. That’s bad for employers but good news for cybersecurity workers, who can command an average salary premium of nearly $6,500 per year, or 9% more than other IT workers.
Or put another way, there were nearly 50,000 postings for workers with a CISSP certification in 2014, the primary credential in cybersecurity work. That amounts to three-quarters of all the people who hold that certification in the United States—and presumably most of them already have jobs.
This is a gap that will take time to fill. The skills for some IT positions can be acquired with relatively little training, but cybersecurity isn’t one of them. For example, five years of experience are required to even apply for a CISSP certification. That doesn’t even consider the rising demand for experience in a specific industry, like finance or health care. This suggests that the shortage of cybersecurity workers is likely to persist, at least until the education and training system catches up.
Key Trends in Cybersecurity Jobs
Cybersecurity jobs are in demand and growing across the economy
- The Professional Services, Finance, and Manufacturing/Defense sectors have the highest demand for cybersecurity jobs.
- The fastest increases in demand for cybersecurity workers are in industries managing increasing volumes of consumer data such as Finance (+137% over the last five years), Health Care (+121%), and Retail Trade (+89%).
Positions calling for financial skills or a security clearance are even harder to fill than other cybersecurity jobs
- The hardest-to-fill cybersecurity jobs call for financial skills, such as Accounting or knowledge of regulations associated with the Sarbanes-Oxley Act, alongside traditional networking and IT security skills. Because finance and IT skills are rarely trained for together, there is a skills gap for workers who meet the requirements of the “hybrid jobs.”
- More than 10% of cybersecurity job postings advertise a security clearance requirement. These jobs, on average, take 10% longer to fill than cybersecurity jobs without a security clearance.
Cybersecurity positions are more likely to require certifications than other IT jobs
- One third (35%) of cybersecurity jobs call for an industry certification, compared to 23% of IT jobs overall.
Cybersecurity employers demand a highly educated, highly experienced workforce
- Some 84% of cybersecurity postings specify at least a bachelor’s degree, and 83% require at least three years of experience. Because of the high education and experience requirements for these roles, skills gaps cannot easily be resolved though short-term solutions. Employers and training providers must work together to cultivate a talent pipeline for these critical roles.
Geographically, cybersecurity jobs are concentrated in government and defense hubs, but are growing most quickly in secondary markets
- On a per capita basis, the leading states are Washington D.C., Virginia, Maryland, and Colorado; all have high concentrations of jobs in the federal government and related contractors.