(ISC)2 Study Reveals the Cybersecurity Workforce Has Grown to 3.5 Million Professionals Globally

Clearwater, Fla. (Nov. 11, 2020) — (ISC)2, the world's largest nonprofit association of certified cybersecurity professionals, today released the findings of its 2020 Cybersecurity Workforce Study. 3,790 respondents, all of whom dedicate at least 25 percent of their time to cybersecurity tasks, were surveyed across 14 geographies in order to accurately assess the size of the current cybersecurity workforce and the challenges and opportunities they face.


For the first time, the study indicates a year-over-year reduction in the cybersecurity workforce gap, due in part to increased talent entry into the field and uncertain demand due to the economic impact of COVID-19. The research, conducted from mid-April through June 2020, also provides insights from cybersecurity professionals about their organizations' COVID-19 pandemic response, and the massive effort required to quickly and securely transition their staffs to remote working environments.


The study reveals that the cybersecurity profession experienced substantial growth in its global ranks, increasing to 3.5 million individuals currently working in the field, an addition of 700,000 professionals or 25 percent more than last year's workforce estimate. The research also indicates a corresponding decrease in the global workforce shortage, now down to 3.12 million from the 4.07 million shortage reported last year. Data suggests that employment in the field now needs to grow by approximately 41 percent in the U.S. and 89 percent worldwide in order to fill the talent gap, which remains a top concern of professionals.


In a historically unprecedented year, the study also focused on how security teams and professionals were impacted by COVID-19. The data shows that 30 percent of cybersecurity professionals faced a deadline of one day or less to transition their organizations' staff to remote work and to secure their newly transformed IT environments. 92 percent of respondents indicated that their organization was "somewhat" or "very" prepared to respond, and just 18 percent saw security incidents increase during this time.


"Overall we're seeing some very positive trends from the cybersecurity workforce reflected in this new data," said Clar Rosso, CEO of (ISC)2. "The response to COVID-19 by the community and their ability to help securely migrate entire organizational systems to remote work, almost overnight, has been an unprecedented success and a best-case scenario in a lot of ways. Cybersecurity professionals rose to the challenge and solidified their value to their organizations."


Additional highlighted findings include:

  • Job satisfaction rates increased year-over-year, with 75 percent of respondents saying they are either "somewhat" or "very" satisfied
  • The average annual cybersecurity salary is highest in North America at $112,000
  • 56 percent of respondents say their organizations are at risk due to cybersecurity staff shortages
  • Cybersecurity practitioners are concerned that security budgets will be impacted by revenue losses related to COVID-19. 54 percent are concerned about personnel spending while 51 percent are concerned about technology spending.
  • 23 percent said that they or a peer had been laid off as a result of the pandemic
  • 78 percent of cybersecurity professionals who still need to work from an office say they are either "somewhat" or "very" concerned about their personal safety in relation to COVID-19
  • Cloud computing security is far and away the most in-demand skillset, with 40 percent of respondents indicating they plan to develop it over the next two years
  • Just 49 percent of those in the field hold degrees in computer and information sciences, highlighting the fact that many of the professionals responsible for cybersecurity come from other areas of expertise


In addition to outlining the workforce numbers themselves, the study goes into detail about how the survey and the gap calculation model were designed. It also proposes several steps that organizations should consider in order to expand their addressable talent pool when searching for highly sought-after cybersecurity talent. To download a complimentary copy of the report, please visit: https://www.isc2.org/Research/Workforce-Study.


Attend the (ISC)2 Cybersecurity Workforce Study Webinar

For a deeper dive into the stories beyond the numbers, you can register here for an upcoming webinar titled "Digging Into the 2020 (ISC)2 Cybersecurity Workforce Study," which will air on December 9, 2020 at 1:00pm EST. This roundtable session brings together four (ISC)2 panelists involved in creating this research to discuss some of the highlighted findings and trends in more detail. The session will also be included as part of the (ISC)2 2020 Security Congress agenda, taking place next week from November 16-18. Registration is still open at: https://securitycongress.brighttalk.live/passes


About the (ISC)2 Cybersecurity Workforce Study

(ISC)2 conducts in-depth research into the challenges and opportunities facing the cybersecurity profession. The (ISC)2 Cybersecurity Workforce Study is fielded annually to assess the cybersecurity workforce gap, better understand the barriers facing the cybersecurity profession, and uncover solutions that position these talented individuals to excel in their profession, better secure their organizations' critical assets and achieve their career goals. The margin of error for the global descriptive statistics in this research is plus or minus 1.6 percent at a 95 percent confidence level.


About (ISC)2

(ISC)2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 150,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education. For more information on (ISC)2, visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn.