What Talent Gap? Hiring Practices Are the Real Problem

Talk of the talent gap in cybersecurity continues, with ISACA, ISC2, and even the Biden administration releasing new publications addressing the problem. Indeed, the US alone has almost half a million open cybersecurity positions, and ISC2 estimates a shortfall of 4.8 million professionals needed to secure the world's computing resources.

However, all that the surveys and studies tell us is that the cybersecurity sector is inadequately staffed, not that companies are looking to hire or that there are no people to fill positions. What exists is a disconnect between companies and candidates over issues like pay and required certifications, as well as budgeting struggles within organizations.

The recent "ISC2 2024 Cybersecurity Workforce Study" quantifies the budget issue inside companies. "In 2024, 25% of respondents reported layoffs in their cybersecurity departments, a 3% rise from 2023, while 37% faced budget cuts, a 7% rise from 2023," the report states. That means fewer job openings and less money to fill those positions that are opened.

Among a sea of qualified candidates, job seekers are struggling to figure out how to stand out to recruiters and hiring managers.

"I do tons of networking," says Xavier Ashe, a job seeker with more than 30 years' experience targeting director-level and CISO roles. "That's allowed me to get a number of opportunities to interview, but the competition is tough. Everyone is looking, and there are a lot of great folks I'm competing against."

Related:Getting Into Cybersecurity: A Guide for IT Security Careers

Read the rest of this article on Dark Reading.