17 Dec 14 Industry Insights

Cybersecurity's Hiring Crisis: Why is IT Security Talent So Scarce?



In early August I wrote a blog post on the attitude towards IT Security following our first IT Security Event. A common theme from the discussions was that organisations are not doing enough to secure their business from IT threats. Quite alarmingly, IT security is often treated as an afterthought rather than a high priority.



IT Security meme

Luckily, this isn’t a reflection on our clients’ views on IT Security.



It’s not like there isn’t a critical need for more robust IT security systems. In 2014, hundreds of millions of records have been stolen this year through hacks and data breaches as a result of poor, or flawed security. Sony, eBay, JP Morgan, the US Postal System, Snapchat, Target, Home Depot, Spotify, and even Hollywood celebs count among those affected by security breaches this year.



Even poor J-Law has been a victim of cyber attacks


Since my last post I have seen a steady increase in demand for skilled and experienced security professionals over the last four months, suggesting that more companies want to invest more in this area.


However, there is a distinct lack of security talent in the market, especially in comparison with other, popular roles in the tech industry such as project managers or developers.


According to a recent cybersecurity report by Cisco it is estimated that in 2014 there were one million unfilled cybersecurity jobs globally.



Just think of all those empty office cubicles waiting to be filled with Cybersecurity professionals…



Of course, the shortage in talent is great news for qualified candidates as they can demand higher salaries, as a quick comparison of the 2004 ISC2 report with the 2013 report indicates.



We assume this is what Senior IT Security professionals do on payday



So why do we have an IT Security Hiring Crisis?

I raised this question with Becky Pinkard, Director of Security Operations at Pearson Global. As a widely recognized security transformation expert who’s worked in information technology since 1996, she has a palpable understanding of the scarcity of IT Security talent relative to the escalating demand.



Becky Pinkard, IT Security Professional


According to Becky, predictions have been pouring in for the better part of the past 10 years prophesying the accumulating security skills shortage. With increasingly specialised technologies focused on delivering complex solutions across globally diverse infrastructures, the strain has never been greater on the talent pool for qualified IT and information security professionals. 


But why haven’t we seen an increase in the number of Information Security professionals to meet the growing demand?

Over a lively lunchtime discussion on what she calls the “InfoSec Hiring Crisis” we identified four key reasons for the imbalance in the IT Security job market:


1.     IT Security is still too niche – it isn’t a popular or recognised career path


2.     With technology moving forward at a rapid pace security needs to keep up


3.     IT Security has to be selected as a path for training and/or qualification – it’s rarely included in school curriculum


4.     With so much competition for information security professionals, it can be difficult to retain top talent



What can we do to address the IT Security skills shortage?

In my next post I will explore how companies can attract and retain the top talent in this area and how we need to adjust our global mind-set to increase the number of specialists in this field. 

stay tuned



Written by Pratap and Izzy, with Becky Pinkard’s generous contribution.





You might also like


Cybersecurity's Hiring Crisis: What Can We Do? 


Security In Business - Do We Take It Seriously Enough? 






Thinking about your next move? Visit to browse our current vacancies and check out our blog for career advice and the latest tech industry insights.


Like our content? You'll love our newsletter