For security breaches, contact our team at 201-825-1255 ext. 7 or critical@stig.net.

As the need for Cybertalent grows, employers are seeking reassurance through certifications

May 28, 2024

Executive Summary

● Demand for cybersecurity talent continues to grow and, along with it, the share of employers requiring cybersecurity certifications. This increased focus on verifiable skills mirrors the increased concern with cybersecurity that many employers share.

● The demand for certifications is particularly high at companies with high-risk exposures. In particular Government Agencies, Financial and Professional Service companies as well as Healthcare Organizations exhibit the highest levels of certification requirements.

● However, only 20% of existing cybersecurity professionals have or report one of these certifications. This may explain the longer-than-average time to fill cyber roles.

● It is therefore paramount to understand the talent pipeline into cybersecurity and what potential sources of talent are. Many specialists are hired and trained in-house, where their previous roles were IT and systems-related.

Introduction

In today’s digital age, where technology is omnipresent and cyber threats loom large, the demand for cybersecurity talent has never been greater. As organizations continue to digitize their operations and store valuable data online, the need for skilled professionals to safeguard against cyber-attacks is paramount. Particularly with the onset of usage of generative AI tools and LLMs, companies want to ensure the right guardrails around sensitive information.

However, with this increasing demand comes a significant challenge: finding and retaining qualified cybersecurity professionals. Employers are not only seeking individuals with a strong understanding of cybersecurity principles but also those who possess verifiable skills and certifications. This emphasis on certifications serves as a verifiable indicator of an individual’s expertise and ability to protect against evolving cyber threats. In this paper, we focus on the growing demand for cybersecurity certifications among professionals. We find that, particularly for companies with high-risk exposures such as those in the financial or healthcare sectors, the need for certified cybersecurity professionals is particularly pronounced.

Despite the escalating demand, only a fraction of available talent holds these coveted certifications, making it a competitive landscape for employers. This scarcity of certified professionals not only makes hiring challenging but also contributes to prolonged vacancies in cybersecurity roles. Understanding where potential talent pipelines exist and where qualified professionals come from is crucial for organizations seeking to bolster their cybersecurity defences. Whether through traditional education pathways, specialized training programs, or alternative talent sources, identifying these talent pools is essential for addressing the growing cybersecurity skills gap.

Demand for certifications

Certifications act as signals of skills and aptitudes to the employer. While individuals without certifications may have similar abilities to perform the same activities, for many employers certifications can act as additional insurance for the aptitudes of candidates. In particular for employers who are new to hiring cybersecurity professionals, certifications can provide a shortcut in verifying the actual skills of a candidate. An analysis of data by Revelio Labs reveals that the demand for cybersecurity certifications shot up dramatically in 2023. The share of job postings explicitly requiring candidates to possess a cybersecurity certification shot up by 12 percentage points between the fall of 2022 and the spring of 2023. This upshot coincides with the release of OpenAI’s ChatGPT in November of 2022 – and while perhaps only coincidental – the renewed attention to the quality of cybersecurity talent is remarkable.

Cyber Certifications Demand -2023
Cyber Certifications Demand -2023

The issue with the increased need for certifications is that it may make hiring harder and costlier. Analyzing Revelio Labs’ professional online profiles of cybersecurity professionals, we find that only 20% of cybersecurity talent currently displays or mentions a cybersecurity certification. While it is possible that people have certifications but don’t advertise them, professionals have a high incentive to advertise their skills, especially when looking for a new job. This likely shortage of certified cybersecurity talent may explain why it takes 21% longer to fill cybersecurity roles than.

Industries With Top Cyber Certification Demands
Industries With Top Cyber Certification Demands

Prolonged Hiring Process for Cybersecurity Roles

When analyzing which industries are most serious about cybersecurity certifications, we find that the share of job postings with the requirement is highest in industries with the highest risk exposures. It is not surprising that Government agencies and Public Sector jobs top the list with the highest requests for certified professionals. Next are Consulting and Advisory services that are tasked to handle sensitive information of their clients and therefore also require stringent credentials. The same is true for patient information in the Healthcare industry.

Talent pipeline into cybersecurity

Understanding the intricacies of the talent pipeline into cybersecurity is essential for organizations striving to fortify their digital defences effectively. After analyzing certifications, we dive into cybersecurity professionals’ career patterns. A significant portion of cybersecurity specialists is nurtured internally, with many individuals transitioning from IT and systems-related roles within their organizations. This internal upskilling of talent not only capitalizes on existing institutional knowledge but also ensures that professionals are intimately familiar with the organization’s infrastructure, making them uniquely positioned to address cybersecurity challenges specific to their environment.

Prior to entering into cybersecurity roles, many professionals work in IT specialties or technical support roles. These foundational positions provide invaluable hands-on experience with various systems, networks, and technologies, laying a solid groundwork for a seamless transition into cybersecurity. The skills acquired in these roles, such as troubleshooting complex technical issues and understanding system architectures, are highly transferable and form the bedrock of a successful cybersecurity career. Thus, the journey from IT specialist to cybersecurity professional underscores the interconnectedness of these domains and the importance of cultivating diverse skill sets within the cybersecurity workforce

Talent Pipeline Cybersecurity Roles
Talent Pipeline Cybersecurity Roles

Furthermore, cybersecurity talent tends to have higher levels of education than other corporate roles. The data shows that 43% of all cybersecurity talent holds more than a Bachelor’s degree, reflecting the complex and rapidly evolving nature of the discipline. Advanced degrees in fields such as computer science, cybersecurity, or information technology equip professionals with the specialized knowledge and analytical skills necessary to navigate the intricacies of modern cybersecurity threats. As organizations grapple with increasingly sophisticated cyber attacks, the demand for highly educated cybersecurity professionals is expected to continue growing, underscoring the importance of investing in advanced education and training programs within the field.

Cybersec Professionals Often Hold Masters Degree
Cybersec Professionals Often Hold Masters Degree

Conclusion

In summary, the growing demand for cybersecurity talent, coupled with the increasing emphasis on certifications, underscores the critical need for organizations to prioritize their cybersecurity strategies. The prevalence of certification requirements, particularly in high-risk sectors like government, finance, and healthcare, reflects the growing concern over cybersecurity threats. However, the disparity between demand and the current pool of certified professionals, with only 20% possessing these credentials, highlights the challenges organizations face in filling cybersecurity roles promptly. To address this gap, it’s important for organizations to understand and invest in their talent pipelines, leveraging in-house training and recruiting strategies to cultivate cybersecurity expertise from within. By recognizing and addressing these key dynamics in the cybersecurity talent landscape, organizations can better position themselves to mitigate cyber risks and safeguard their digital assets in an increasingly volatile threat landscape.

Contact – STIGroup
Write to us at :info@sti.net 
Follow us: https://linkedin.com/company/stigroup-ltd./

Talk to an
Expert

Fill out the form below, and we will be in touch shortly.
Contact Information
Reason of Inquiry
How can We Help?

Please do not include confidential or sensitive information in your message. In the event that we are representing a party with opposing interests to your own, we may have a duty to disclose any information you provide to our client.
Preferred Date and Time Selection