Recent findings in cybersecurity emphasize areas of improvement among experts, highlighting interpersonal skills, cloud technology understanding, and security implementations as the top areas of skill shortage as per a fresh report by ISACA.

The report indicates that 59 percent of leaders in the cybersecurity domain feel they have insufficient team members. Half of the surveyed participants mentioned vacancies for roles beyond entry level, while 21 percent highlighted openings for newcomers.

Retention issues persist in the cybersecurity domain

Although efforts have been made to address retaining employees, it remains a significant challenge. The report revealed that 56 percent of leaders in the cybersecurity field find it tough to keep competent professionals on board. Notably, this figure is a decline from the previous year by four percentage points.

However, sustaining this reduction in retention issues may prove challenging, especially when considering the declining benefits offered to professionals in this field. This drop might be an outcome of financial uncertainties. The data shows a decline in university tuition reimbursement, recruitment bonuses, and reimbursement for certification fees when compared to 2022.

Desired skills in the cybersecurity sector

Companies have prioritized the following technical competencies:

1. Identity and access management (49 percent)
2. Cloud technology (48 percent)
3. Protecting data (44 percent)
4. Responding to incidents (44 percent)
5. DevSecOps (36 percent)

Regarding soft skills, employers prioritize communication (58 percent), critical thinking (54 percent), problem-solving abilities (49 percent), collaborative skills (45 percent), and meticulousness (36 percent). Interestingly, skills like empathy (13 percent) and honesty (17 percent) scored lower, even though a notable 62 percent of participants felt that companies don’t report cybercrime accurately.

The surveyed group identified areas where cybersecurity experts are found wanting, pointing out interpersonal skills (55 percent), cloud technology understanding (47 percent), security methods (35 percent), programming abilities (30 percent), and topics related to software development (30 percent) as primary areas of deficiency.

Strategies to bridge the skill gap

To overcome these technical skill gaps, those surveyed suggested the top three remedies: upskilling non-security personnel interested in transitioning to security roles (45 percent), relying more on contract workers or external consultants (38 percent), and promoting reskilling initiatives (21 percent).

For non-technical skill gaps, firms are using online educational platforms (53 percent), mentoring initiatives (46 percent), in-house training sessions (42 percent), and academic fee reimbursements (20 percent), although there’s been a decline in the latter.

Jon Brandt, ISACA’s Director of Professional Practices and Innovation, expressed concerns regarding the evident soft skill gaps among professionals in the field. He emphasized the industry’s need for a collaborative approach, encompassing practical training, mentorship, and various learning avenues.

Looking ahead

A significant 78 percent of participants anticipate a surge in demand for individual contributors with technical expertise in cybersecurity in the upcoming year. Similarly, close to half (48 percent) foresee a growing need for managers in the sector. Over half (51 percent) anticipate a potential rise in cybersecurity budgets in the following year as well.

Maarten Van Horenbeeck, Senior Vice President and Chief Security Officer at Adobe, remarked on the considerable talent shortage in the cybersecurity sector. He stressed the importance of a diverse talent pool and a joint effort by global industries and governments to address this widening skill gap, especially