Bridging the Security Skills Gap in the Workforce

Bridging the Security Skills Gap in the Workforce


Organizations of all sizes feel the pressure to expand their digital footprint to increase their competitive advantage. However, they are struggling to find specific security talent to help them with the adoption of the latest information technology solutions because there is a growing security skills gap in the workforce that creates an irresistible opportunity for cybercriminals. To bridge the gap, its important to reconsider where security talent comes from and how it's acquired.

Understanding the Security Skills Gap

ESG and ISSA Research conduct a wide-ranging global survey of IT professionals at the end of each year to identify areas where organizations have a problematic shortage of skills. At the end of 2018, security ranked at the very top, with 53 percent of survey respondents reporting the shortage of security skills as the most pressing problem at their organization. That’s a dramatic increase from the end of 2015, when security was selected by only 42 percent of organizations


According to Marc van Zadelhoff, general manager of IBM Security, there could be 1.5 million open cybersecurity jobs by 2020. “Even if the industry was able to fill the estimated 1.5 million open cybersecurity jobs by 2020, we’d still have a skills crisis in security. The volume and velocity of data in security is one of our greatest challenges in dealing with cybercrime.”

Some estimations are even bleaker, predicting around 3.5 million unfilled security jobs by the 2021. Clearly, expecting the job market to change wouldn’t be wise, so organizations have to figure out other ways how to bridge the security skills gap and address their growing need for security talent.

3 Ways How to Bridge the Security Skills Gap

The market research and business consulting firm Frost & Sullivan estimates that women make up only 14 percent of the U.S. cybersecurity workforce. Organizations should do whatever they can to change this.

They can, for example, encourage more women applicants by supporting coding camps for young girls, address the existing bias in hiring practices, and support non-profits such as Women in CyberSecurity (WiCyS), which is dedicated to bringing together women in cybersecurity from academia, research and industry to share knowledge, experience, networking and mentoring.


Another way how organizations can bridge the security skills gap involves the adoption of the so-called new-collar approach. For a long time, hiring managers have prioritized education and previous work experience over skills and personal achievements, causing many talented candidates to feel not qualified for the job.

According to IBM’s executive report, “It’s Not Where You Start—It’s How You Finish: Addressing the Cybersecurity Skills Gap with a New Collar Approach,” organizations should look for nontraditional candidates with diverse backgrounds and skillsets and expect them to strive for continuous learning and professional growth once hired.

The only problem with the two above-mentioned ways how to bridge the security skills gap is how long it takes for them to bring results. For many organizations, yesterday was already too late to find security talent, and such organizations should consider the managed security services provided by us at BCA. With our help, you can effortlessly outsource all your security needs so you can better focus on what matters the most: your core business.


It’s clear that the security skills gap in the workforce will only grow larger in the upcoming years. All organizations need to realize that the time to find an effective way how to bridge it is now. Managed security services make it very simple for organizations to boost their security talent and face the numerous cybersecurity challenges that threaten those who neglect their defenses.