Clearwater, Fla. (April 28, 2021) — (ISC)2, the world's largest nonprofit association of certified cybersecurity professionals, today released the findings of its 2021 Cybersecurity Career Pursuers Study, which provides insights on how to successfully staff up a balanced and diverse cybersecurity team with a broad range of skills. The research reflects the opinions of 2,034 cybersecurity professionals (professionals) and cybersecurity jobseekers (pursuers) throughout the U.S. and Canada. Findings help hiring organizations understand the experiences of those who have done the job and the expectations of those who are about to enter the field.
Recruiters and hiring managers may need to adjust the tactics they use to proactively identify internal and external candidates, (ISC)2 analysis of the study suggests. Findings point to strong agreement about:
The study also provides feedback from respondents in their own words. Professionals were asked about tasks performed early in their careers that were most beneficial to their long-term success, as well as how they gained confidence that cybersecurity was the right career choice. Pursers were asked similar questions, including what tasks they expect to be assigned upon entering the field, what challenges they anticipate and why they are confident cybersecurity is the right career for them.
"One of the biggest challenges we have in cybersecurity is an acute lack of market awareness about what cybersecurity jobs entail," said Clar Rosso, CEO of (ISC)2. "There are wide variations in the kinds of tasks entry-level and junior staff can expect. Hiring organizations and their cybersecurity leadership need to adopt more mature strategies for building teams. Many organizations still default to job descriptions that rely on cybersecurity 'all stars' who can do it all. The reality is that there are not enough of those individuals to go around, and the smart bet is to hire and invest in people with an ability to learn, who fit your culture and who can be a catalyst for robust, resilient teams for years to come."
Recruiting Beyond IT
(ISC)2 recommends, based on the research, that with skilled cybersecurity talent increasingly scarce, organizations must adopt more pragmatic approaches to team building. This starts by relying less on the recruitment of cybersecurity 'unicorns' with many years of experience, advanced certifications and deep technical acumen, or sourcing new talent exclusively from IT. Instead, organizations must take broader approaches: curate role-specific requirements; invest in their cybersecurity team's training and professional development, as well as commit to upskilling and reskilling home-grown talent to help team members translate tangential skills into valuable risk management and security know-how. The (ISC)2 report lays out 10 key actionable strategies for hiring managers to review when building their teams.
Additional highlighted findings include:
To download a copy of the report, please visit: https://www.isc2.org/Research/CareerPursuers.
Attend the (ISC)2 Cybersecurity Career Pursuers Study Webinar
For a deeper dive into the stories beyond the numbers, you can register for the upcoming webinar "Building Your Cybersecurity Bench: (ISC)2's Cybersecurity Career Pursuers Study," which will air Tuesday, May 18, 2021 at 1 p.m. Eastern. (ISC)2 CEO Clar Rosso will discuss some of the highlighted findings and trends in more detail. Register today at: https://www.isc2.org/News-and-Events/Webinars/Security-Briefing?commid=484052
About the (ISC)2 Cybersecurity Career Pursuers Study
(ISC)2 conducts in-depth research into the challenges and opportunities facing the cybersecurity profession. Results presented in this report are from a blind online survey conducted by (ISC)2 and Market Cube in December 2020. The total respondent base included 2,034 cybersecurity professionals and cybersecurity jobseekers throughout the U.S. and Canada (1,024 cybersecurity professionals and 1,010 jobseekers pursuing their first cybersecurity role). The margin of error for the descriptive statistics of each group individually, cybersecurity professionals and cybersecurity jobseekers, is plus or minus 3.1% at a 95% confidence level.
(ISC)2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 150,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. For more information on (ISC)2, visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn.