Got a question? Call 1800 853 276   |   

Our friends at ISACA State of Cybersecurity 2020 reports the results of the annual ISACA® global State of Cybersecurity Survey, conducted in the fourth quarter of 2019. This Part 1 survey report highlights current trends in cybersecurity workforce development, staffing, budgeting and gender diversity. The report echoes—and reaffirms—key findings of prior years: Enterprises are still short-staffed in cybersecurity, struggle to find sufficient talent for open positions and expect their cybersecurity budgets to grow. Efforts to increase the number of women in cybersecurity roles progressed slightly, and more enterprises established gender diversity programs.

Challenges Persist in Cybersecurity Resourcing

The demand for cybersecurity talent2 has steadily risen, which is good news for new and aspiring practitioners. Although this year’s survey results on staffing are largely consistent with prior-year data, current data reveal a sizeable shift away from assessments of significantly understaffed to appropriately staffed (figure 3). Last year, 21 percent of respondents reported that their cybersecurity team was significantly understaffed; only 15 percent report the same perception this year. The percentage of respondents who believe that their cybersecurity team is appropriately staffed increased from 25 percent last year to 31 percent this year. The industry remains a seller’s market and, consequently, enterprises face resourcing and retention issues. Analysis of this year’s responses confirms that understaffed organizations are significantly more likely to have retention issues. Additionally, understaffed teams are significantly more likely to have experienced more cyberattacks during the last year—a point supported by other cyberworkforce data.

Qualifications and Confidence Levels

Survey results indicate that hiring manager confidence is low when it comes to applicants. Figure 10 indicates that 70 percent of respondents generally do not believe their applicants are well qualified. Although this datapoint alone does not characterize deficiencies among applicants, it does help to explain delays in filling positions— not surprisingly, 73 percent of respondents who reported less than 25 percent of their applicants are well qualified have unfilled positions longer than three months.

You can download the full report here.

View all of our ISACA courses here.

Feature Articles

Insights to help you craft your End of Financial Year Learning and Development Plan
By Chloe Villanueva | 28 March 2022
Cyber Security Fireside Chat - Introduction to CISSP
By Jeremy Daly | 6 April 2022
Innovate boldly and with peace of mind when you access AWS security training
By Chloe Villanueva | 25 April 2022
DDLS and PECB partner to deliver ISO 27001 Information Security Training
By Chloe Villanueva | 2 May 2022