ISC2 Study Reveals the Cybersecurity Workforce Has Grown to 3.5 Million Professionals Globally

2020 ISC2 Cybersecurity Workforce Study chronicles the resiliency, outlook and perseverance of this growing profession as it faced the unprecedented challenges of the COVID-19 pandemic

Clearwater, FL, November 11, 2020 – ISC2 – the world’s largest nonprofit association of certified cybersecurity professionals – today released the findings of its 2020 Cybersecurity Workforce Study. 3,790 respondents, all of whom dedicate at least 25% of their time to cybersecurity tasks, were surveyed across 14 geographies in order to accurately assess the size of the current cybersecurity workforce and the challenges and opportunities they face.

For the first time, the study indicates a year-over-year reduction in the cybersecurity workforce gap, due in part to increased talent entry into the field and uncertain demand due to the economic impact of COVID-19. The research, conducted from mid-April through June 2020, also provides insights from cybersecurity professionals about their organizations’ COVID-19 pandemic response, and the massive effort required to quickly and securely transition their staffs to remote working environments.

The study reveals that the cybersecurity profession experienced substantial growth in its global ranks, increasing to 3.5 million individuals currently working in the field, an addition of 700,000 professionals or 25% more than last year’s workforce estimate. The research also indicates a corresponding decrease in the global workforce shortage, now down to 3.12 million from the 4.07 million shortage reported last year. Data suggests that employment in the field now needs to grow by approximately 41% in the U.S. and 89% worldwide in order to fill the talent gap, which remains a top concern of professionals.

In a historically unprecedented year, the study also focused on how security teams and professionals were impacted by COVID-19. The data shows that 30% of cybersecurity professionals faced a deadline of one day or less to transition their organizations’ staff to remote work and to secure their newly transformed IT environments. 92% of respondents indicated that their organization was “somewhat” or “very” prepared to respond, and just 18% saw security incidents increase during this time.

“Overall we’re seeing some very positive trends from the cybersecurity workforce reflected in this new data,” said Clar Rosso, CEO of ISC2. “The response to COVID-19 by the community and their ability to help securely migrate entire organizational systems to remote work, almost overnight, has been an unprecedented success and a best-case scenario in a lot of ways. Cybersecurity professionals rose to the challenge and solidified their value to their organizations.”

Additional highlighted findings include:

Job satisfaction rates increased year-over-year, with 75% of respondents saying they are either “somewhat” or “very” satisfied
The average annual cybersecurity salary is highest in North America at $112,000
56% of respondents say their organizations are at risk due to cybersecurity staff shortages
Cybersecurity practitioners are concerned that security budgets will be impacted by revenue losses related to COVID-19. 54% are concerned about personnel spending while 51% are concerned about technology spending.
23% said that they or a peer had been laid off as a result of the pandemic
78% of cybersecurity professionals who still need to work from an office say they are either “somewhat” or “very” concerned about their personal safety in relation to COVID-19
Cloud computing security is far and away the most in-demand skillset, with 40% of respondents indicating they plan to develop it over the next two years
Just 49% of those in the field hold degrees in computer and information sciences, highlighting the fact that many of the professionals responsible for cybersecurity come from other areas of expertise

In addition to outlining the workforce numbers themselves, the study goes into detail about how the survey and the gap calculation model were designed. It also proposes several steps that organizations should consider in order to expand their addressable talent pool when searching for highly sought-after cybersecurity talent. To download a complimentary copy of the report, please visit: https://www.isc2.org/Research.

Attend the ISC2 Cybersecurity Workforce Study Webinar
For a deeper dive into the stories beyond the numbers, you can register here for an upcoming webinar titled “Digging Into the 2020 ISC2 Cybersecurity Workforce Study,” which will air on December 9, 2020 at 1:00pm EST. This roundtable session brings together four ISC2 panelists involved in creating this research to discuss some of the highlighted findings and trends in more detail. The session will also be included as part of the ISC2 2020 Security Congress agenda, taking place next week from November 16-18. Registration is still open at: https://securitycongress.brighttalk.live/passes

About the ISC2 Cybersecurity Workforce Study
ISC2 conducts in-depth research into the challenges and opportunities facing the cybersecurity profession. The ISC2 Cybersecurity Workforce Study is fielded annually to assess the cybersecurity workforce gap, better understand the barriers facing the cybersecurity profession, and uncover solutions that position these talented individuals to excel in their profession, better secure their organizations’ critical assets and achieve their career goals. The margin of error for the global descriptive statistics in this research is plus or minus 1.6% at a 95% confidence level.

About ISC2

ISC2 is the world’s leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our more than 600,000 members, candidates and associates around the globe are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity’s premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills and abilities at every stage of their careers. ISC2 strengthens the influence, diversity and vitality of the cybersecurity profession through advocacy, expertise and workforce empowerment that accelerates cyber safety and security in an interconnected world. Our charitable foundation, The Center for Cyber Safety and Education, helps create more access to cyber careers and educate those most vulnerable. Learn more and get involved at ISC2.org. Connect with us on X, Facebook and LinkedIn.

Media Contact:
Amanda Steinman
Senior PR Manager
ISC2
asteinman@isc2.org