On 20th January 2023, Google announced it would lay off 12,000 employees. Amazon and Microsoft have laid off a combined 28,000 people, Twitter has reportedly lost 5,200 people, Meta (Facebook) is laying off 11,000. This is just the tech giants, and almost all the staff looking for new positions are, tech-savvy and some include cyber security professionals.
Layoffs are not limited to the tech giants. Smaller cyber security vendor firms are also affected. OneTrust has laid off 950 staff (25% of employees), Sophos has laid off 450 (10%), Lacework (300, 20%), Cybereason (200, 17%), OwnBackup (170, 17%) and the list goes on.
However, the demand for cyber security talent has been accelerating for years, and employers are showing no signs of slowing down. That’s why it is more important than ever to build robust talent pipelines to ensure a safer digital world. We can’t leave gaps in organisations cyber security defenses simply because there is not enough trained workers to plug them.
According to data from Cyber Seek, more than a million IT professionals are currently part of the cyber security workforce. This number has been steadily growing over the past few years. With more than 750,000 open cyber security positions across the US. In states such as Florida, Texas and California, there are anywhere between 25,000 and 83,000 job openings available.
The reason for this growing gap is simple: Cyber security threats are on the rise, and there aren’t enough skilled professionals to meet increasing demand. From the ongoing risks of ransomware to emerging attack vectors created by work-from-home policies and the adoption of anywhere, anytime resource access, companies now face a myriad of old and new threats that can quickly derail business operations.
According to new data from the National Initiative for Cyber security Education, the total number of employed cyber security workers held fairly steady in 2022 at around 1.1 million, while the number of online job postings edged down to 755,743 from 769,736 in the 12-month period ending in December 2022.
“Despite concerns about a slowing economy, demand for cyber security workers remains historically high. Companies know cybercrime won’t pause for a market downturn, so employers can’t afford to pause their cyber security hiring,” said Tor Macleod, Founder of Via Resource.
Demand for cyber security workers rose in both public and private sectors, where between 2021 and 2022, public sector cyber security demand grew 25% (45,708 job postings), while private sector demand grew at a rate of 21% (710,035 job listings). In the past three years, private sector cyber security demand has grown 36%, while public sector demand grew 58%.
Recruiting talent within cyber security is possible, but companies must consider looking beyond degrees and technical training to secure talent in the sector. Once recruited, organisations must develop and train existing employees as an ongoing process. This will reduce staff churn and promote the learning culture essential to mitigating cyber risk.
Utilising a specialist Cyber Security recruiter, has significant benefits for clients and candidates. In our recent article we highlighted some of the reasons that you ought to use a specialist recruiter and the benefits that you will gain from having done so.
Outsourcing will likely be more integral in organisational cyber security strategies, partnering with external companies or individuals with specific expertise that supplement existing internal capability to elevate their cyber security risk profile. This approach would also reduce pressure on internal teams during crunch periods and empower upskilling by providing time and headspace to develop new skills.