Got a question? Call 1800 853 276   |   

Our friends at ISACA State of Cybersecurity 2020 reports the results of the annual ISACA® global State of Cybersecurity Survey, conducted in the fourth quarter of 2019. This Part 1 survey report highlights current trends in cybersecurity workforce development, staffing, budgeting and gender diversity. The report echoes—and reaffirms—key findings of prior years: Enterprises are still short-staffed in cybersecurity, struggle to find sufficient talent for open positions and expect their cybersecurity budgets to grow. Efforts to increase the number of women in cybersecurity roles progressed slightly, and more enterprises established gender diversity programs.

Challenges Persist in Cybersecurity Resourcing

The demand for cybersecurity talent2 has steadily risen, which is good news for new and aspiring practitioners. Although this year’s survey results on staffing are largely consistent with prior-year data, current data reveal a sizeable shift away from assessments of significantly understaffed to appropriately staffed (figure 3). Last year, 21 percent of respondents reported that their cybersecurity team was significantly understaffed; only 15 percent report the same perception this year. The percentage of respondents who believe that their cybersecurity team is appropriately staffed increased from 25 percent last year to 31 percent this year. The industry remains a seller’s market and, consequently, enterprises face resourcing and retention issues. Analysis of this year’s responses confirms that understaffed organizations are significantly more likely to have retention issues. Additionally, understaffed teams are significantly more likely to have experienced more cyberattacks during the last year—a point supported by other cyberworkforce data.

Qualifications and Confidence Levels

Survey results indicate that hiring manager confidence is low when it comes to applicants. Figure 10 indicates that 70 percent of respondents generally do not believe their applicants are well qualified. Although this datapoint alone does not characterize deficiencies among applicants, it does help to explain delays in filling positions— not surprisingly, 73 percent of respondents who reported less than 25 percent of their applicants are well qualified have unfilled positions longer than three months.

You can download the full report here.

View all of our ISACA courses here.

Feature Articles

Our AIICT brand expands portfolio with ten new courses to help address ICT skills shortage
The Australian Institute of ICT (AIICT) has introduced a new series of industry certified bootcamp programs and nationally-recognised qualifications to meet the surging demand for skilled ICT professionals in Australia.  The bootcamps support the Morrison Government’s recently announced Digital Skills Organisation (DSO) pilot, which recognises the importance of non-accredited training to support the development of skills of the future workforce. The bootcamp programs run for six months and comprise of several vendor-specific certifications. The courses include ‘Cloud Computing Certified Professional’, ‘Certified Microsoft Full Stack Developer’, ‘Certified Artificial Intelligence Professional’, ‘Growth Marketing Professional’ and ‘Certified Project Management Professional’. The decision to introduce the bootcamps follows the VET sector’s increasing move away from nationally recognised qualifications to vendor-specific, industry-certified training. According to the National Centre for Vocational Education Research, preference for accredited training courses has declined steadily in recent years, with employers increasingly less satisfied that these courses provide their employees with the most relevant and important skills for their business. This has led many organisations to preference non-accredited training provided by private technology vendors such as Microsoft and AWS.