Global Head of Tech, Ops, Data/AI, & InfoSec Officers Practice
The latest numbers in the job market have not been great. But one area seems very promising—and it’s not in artificial intelligence.
Despite the well-known demand for roles in AI, it’s actually cybersecurity that may have the biggest need. Roles in the sector have grown 19% since last year; some 4.8 million positions in cybersecurity are needed across the globe, according to a new study from industry association ISC2. In other words, meeting the current threat landscape will call for hiring nearly as many people as are already working in the field. “The threat environment is evolving at such a rapid pace that it is challenging the workforce,” says Craig Stephenson, global head of Korn Ferry's Tech, Ops, Data/AI, & InfoSec practice.
In the US, where openings are at their lowest level in four years—and where employers added a paltry 12,000 jobs in October—cybersecurity roles have been impacted by budget cuts, hiring freezes, and layoffs. As a result, the study projects that 1.3 million cybersecurity jobs will be needed in the US alone. Alyse Egol, a senior client partner in Korn Ferry’s Global Digital, Technology, and Security Officers practice, says that cybersecurity roles have an image problem. “There’s a misunderstanding about the function,” she says. While cybersecurity is essentially a tech role, she notes, it calls for a combination of skills such as risk management, compliance knowledge, financial acumen, and operations and process experience. “There are a lot of different pathways beyond tech to get into cybersecurity,” she says. To be sure, one recent study found that a substantial number of new workers in the sector, as many as four in ten, are transitioning into tech from another field.
As firms move to skills-based hiring, experts think they could attract more talent to the cybersecurity function. An ever-growing number of programs offer credentials or certification in baseline skills in computer science, information technology, and cybersecurity, for instance. Firms are partnering with universities and creating their own educational programs to train both employees and non-employees in engineering, data and analytics, and other relevant areas. Stephenson says firms are also rotating tech talent across different digital functions to maximize capabilities and professional development. Even the government is getting in on the act, committing a billion dollars to fund state and local cybersecurity efforts.
For those considering a career transition, cybersecurity hiring managers prize an equal mix of technical and non-technical skills. According to ISC2’s survey, the most sought-after skills include problem-solving, communication, curiosity, and teamwork and collaboration—along with cloud computing, machine learning, and security operations.
Cyberattacks are on the rise again, with companies publicly disclosing some 9,500 through the first half of 2024 (the actual figure is likely much higher, since most attacks aren’t reported). Stephenson says firms are still stuck in a reactionary mode and need to better integrate operations and cybersecurity to meet the threat level. “They need to address the talent ecosystem to effectively address the first line of defense,” he says.
Learn more about Korn Ferry’s Talent Acquisition capabilities.
Insights to your inbox
Stay on top of the latest leadership news with This Week in Leadership—delivered weekly and straight into your inbox.
Recent articles
