The ISC2 2023 Cybersecurity Workforce Study has highlighted a significant and growing global cybersecurity workforce gap, reaching four million individuals, marking a 12.6% increase compared to the previous year.
Furthermore, this disparity persists despite an 8.7% growth in the cybersecurity workforce, which now stands at 5.5 million professionals. This shortage is further exacerbated by cyber-related cutbacks, including layoffs, budget cuts, and hiring freezes, affecting nearly half of respondents (47%) and leading to a subsequent impact on security teams and cybersecurity training programs.
At the same time, the study also unveils a concerning rise in insider threats, with over half (52%) of respondents reporting an increase in insider risk-related incidents. A clear connection is established between this surge in insider threats and periods of economic uncertainty, as 71% of respondents agree that economic instability heightens the risk of malicious insiders. Of particular note, respondents in organizations that have experienced cybersecurity-related layoffs are three times more likely to be approached as potential malicious insiders.
Additionally, the study points out a lack of artificial intelligence (AI) knowledge within the cybersecurity field. A significant portion of respondents (47%) admit to having no or minimal knowledge of AI, despite its increasing importance in cybersecurity.
While AI and machine learning have been identified as areas with knowledge gaps (32%), ISC2 CEO Clar Rosso believes cybersecurity professionals possess the capabilities required to secure AI effectively. Lastly, the study highlights the positive impact of increased diversity in the cybersecurity workforce, with a significant percentage of newcomers being non-white (66%). Furthermore, the embrace of diversity, equity, and inclusion initiatives is shown to be essential for success in security teams, demonstrating that these efforts are making a positive impact in the industry.