Is there a cybersecurity skills gap? Plenty of surveys and anecdotal evidence seem to say that’s the case. For example, an end-of-year survey of IT professionals conducted by ESG found that 53 percent of organizations reported a shortage of security skills, up from 51 percent the year before and up from 45 percent in 2016. So, from this perspective, it looks like not only is there a skills shortage, but it is getting worse.
Clearly, having an experienced and skilled cybersecurity workforce is more important than ever. But could we already have that workforce in place? Are we approaching hiring cybersecurity workers all wrong?