Cybersecurity jobs suffer from a lack of qualified candidates

By Jonathan Crowl

Many industries have to wrestle with a flood of strong applications any time they have a job opening. When it comes to cybersecurity jobs, however, hiring managers have the opposite problem: They’re hard-pressed to find qualified talent. They may receive a pile of applications, but it’s easy to weed out the unqualified applicants who don’t have the experience to effectively execute the role’s responsibilities.

As new data security issues crop up alongside longstanding threats, many organizations are desperate to find cybersecurity professionals who can lead their anti-fraud and cybercrime efforts. According to a survey from ISACA, though, one-third of organizations in need of cybersecurity talent endure periods of six months or longer during which they are functioning without qualified security experts in these critical roles.

Only 13 percent of organizations receive more than 20 applications for these job openings, while 41 percent of organizations receive fewer than five. That stands in stark contrast with typical corporate jobs trends, where most positions average between 60 and 250 applicants per opening.

And qualification to hold the job is an entirely different matter: 37 percent of organizations report that fewer than one-fourth of their job candidates are qualified for the jobs they are seeking. Those organizations cited hands-on experience as by far the most important quality, with formal education, certifications and job-specific training all cited by at least 9 percent of the organizations surveyed.

In one of the more shocking trends, 45 percent of organizations surveyed said they believe that most applicants lack a fundamental understanding of cybersecurity.

According to the survey, one of the best solutions to this problem is to invest in internal talent and groom employees to eventually take these cybersecurity jobs. Cultivating this talent can help businesses keep a hold on scarce cybersecurity talent.

Requiring certifications is also another strong step forward in making sure cybersecurity talent is up to the task of protecting your organization. If you already have capable employees working in these positions, the recommendation is clear: Don’t give them reason to take another job elsewhere.

Image source: iStock