The Cheapest Way to Fill the Cybersecurity Workforce Gap

By Meredith Quinn

For the last few years, a growing shortage of cybersecurity professionals has caused IT executives around the globe to become desperate for skilled IT workers in this field.

The 2014 Cisco Annual Security Report estimated the need for 500,000 to 1 million qualified security workers internationally, projecting this number to rise to 1.5 million by 2019.


Experts cite a few different reasons for this shortage, the most notable of those being a severe lack of experienced workers in a relatively “young” industry.

In the past, IT departments relied on contract workers to solve security issues, but only during a crisis. However, due to an influx of cyber-attacks made on myriad industries, companies are looking to invest in permanent security workers who will focus not only on the prevention of data hacking, but also on early detection and response.

But will employers be able to fill this workforce shortage?

It’s difficult to say. With an increase in demand comes an inflation of salaries for currently skilled cybersecurity professionals. So much so, that it’s becoming difficult for most companies to afford them. James Arlen of Leviathan Security Group tells ZDNet, “The reality of this is that in order to acquire new talent, companies are forced to go hunting and must be ready to put down the biggest pile of compensation.”

Training Is the Answer

So how do companies cope with this?

Arlen reveals that “while we need to ensure a trained and ready replacement workforce is prepared to supplement and succeed the current generation of security professionals, we should invest heavily in training those who already occupy the positions that protect our companies today.”

It seems like the cheaper option for businesses to provide training to existing IT employees, who already have the technical background and who are familiar with company practices. By increasing their skill sets and taking on more responsibility, IT employees have the opportunity to benefit from the increased wage demand for cybersecurity professionals.

In addition, this cross-training of IT workers seems to have worked before. According to CSO, a Canada-based information security company called Herjavec Group has been successful in converting existing technical employees into cybersecurity professionals. After acquiring a few IT services companies, Herjavec trained those new employees to become “expert cybersecurity advisers, consultants, incident responders, engineers, and security operations center staff.”

Therefore, by following Herjavec’s lead, companies have the chance to solve their cybersecurity issues through the investment of training.

As cybersecurity breaches continue to devastate businesses, it’s important to be prepared.


AUTHOR:  Meredith Quinn is a marketing copywriter and content developer for, an online training provider of on-demand, multi-industry career training and certifications. Quinn composes weekly blogs that focus on the IT industry, with an emphasis on professional development. For more information, contact

Reprinted from TRAINING magazine


Pin It on Pinterest