(ISC)2 Study Reveals Vastly Improved Perceptions About Cybersecurity Professionals

Clearwater, Fla. (Sept. 23, 2020) — (ISC)2, the world's largest nonprofit association of certified cybersecurity professionals, today released the findings of its 2020 Cybersecurity Perception Study, in which 2,500 survey respondents across the U.S. and the U.K. gave their opinions of the men and women working in the cybersecurity profession. The research indicates that attitudes toward cybersecurity roles are now overwhelmingly positive, although most people still don't view the field as a career fit for themselves, even as nearly one-third (29 percent) of respondents say they are considering a career change.


As National Cybersecurity Awareness Month approaches in October, the findings indicate a shift in popular opinion about cybersecurity professionals, who have traditionally been viewed through a negative lens as roadblocks to business efficiency. In fact, 71 percent of the survey's respondents, all of whom do not work in the industry, say they consider cybersecurity professionals to be smart and technically skilled, while 51 percent also described them as "the good guys fighting cybercrime." 69 percent of respondents replied that cybersecurity seems like a good career path, just not one they see themselves pursuing.


The cybersecurity industry is made up of 2.8 million skilled professionals, but research indicates that there is a global shortage of 4.07 million, which requires a massive recruitment effort of new entrants to the field who may not have considered the career before. The Cybersecurity Perception Study reveals that the obstacles to attracting these additional workers may be two-fold.


First, 77 percent of respondents said cybersecurity was never offered as part of their formal educational curriculum at any point, making it difficult for most people to gain a solid understanding of what roles in the industry actually entail and how to pursue the career. The second factor that may be limiting interest is a pervasive belief that such roles would require very advanced skills development that would require time and resources to achieve.


  • Conducted during a time of record unemployment amidst the COVID-19 pandemic, the study found that job stability is now the most valued characteristic in a career (61 percent of respondents), followed by ones that offer a "flexible work environment" (57 percent) and only then, "earning potential" (56 percent).
  • In the absence of formal cybersecurity education, perceptions about the industry and the professionals in it are formed primarily through portrayals in TV shows and movies (37 percent of respondents) or by news coverage of security incidents (31 percent).
  • 61 percent of respondents said they believe they would either need to go back to school (26 percent), earn a certification (22 percent) or teach themselves new skills (13 percent) in order to pursue a career in cybersecurity. 32 percent of respondents said they believe too much technical knowledge or training would be required.
  • Generation Z (Zoomers) were the least likely demographic group to cast cybersecurity professionals in a positive light. Just 58 percent view cybersecurity professionals as smart and technically skilled, as opposed to 78 percent of Baby Boomers. And only 34 percent of Zoomers consider them the "good guys, fighting cybercrime," as opposed to 60 percent of Boomers.


The study outlines recommendations for hiring managers and organizations, as well as the industry at large, to make cybersecurity more accessible and inviting to those considering a career change. To download a complimentary copy of the report, please visit: https://www.isc2.org/Research/Perception-Study.


About the Survey Methodology

The (ISC)2 study was conducted through an online survey managed by Market Cube in June 2020. The total respondent base of 2,500 adults has never worked and does not currently work in the field of cybersecurity. 1,500 respondents reside in the United States, while 1,000 reside in the United Kingdom.


About (ISC)2

(ISC)2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 150,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation — The Center for Cyber Safety and Education. For more information on (ISC)2, visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn.