More than 12,200 IT professionals took part in the Global Knowledge 2019 IT Skills and Salary Report, and 56% said cybersecurity is a key investment area this year. That number rises to 57% for North American respondents.
Cybersecurity is a global priority because data breaches are growing in scale and sophistication, and customers aren’t willing to accept the inevitability of their information being stolen. This has put an immense pressure on organizations to invest in their security teams.
But it hasn’t been easy. There simply aren’t enough qualified cybersecurity professionals to fill all open positions. For the fourth straight year, IT decision-makers have told us that cybersecurity is their most challenging hiring area. Thirty-eight percent of decision-makers are struggling to find qualified employees for their security teams, leading to a growing cyber skills gap throughout the industry.
With low supply and high demand, cybersecurity salaries continue to rise while the industry skills shortage expands.
The real solution isn’t to hire; it’s to grow your way out of the problem. Organizations need to train their current IT people and train them into cybersecurity roles.
The industry is in a tough position. As cyberattacks escalate, more IT security professionals are needed but there’s currently not enough people to do the job.
Highest-paying cybersecurity certifications
The cybersecurity skills shortage is bad news for organizations but good news for cybersecurity professionals, especially those who are certified.
Of the 20 top-paying certifications in our IT Skills and Salary Report, five are in cybersecurity:
|CISM - Certified Information Security Manager||$132,919|
|CRISC - Certified in Risk and Information Systems Control||$128,556|
|CISSP - Certified Information Systems Security Professional||$123,815|
|CISA - Certified Information Systems Auditor||$118,232|
|CEH - Certified Ethical Hacker||$117,052|
These salaries are indicative of a strong global need for security professionals. But tenure also plays a part. IT professionals tend to have several years of experience before moving into cybersecurity. Thus, they have higher salaries.
Certified security professionals are the real money-makers—their salaries are nine percent greater than the average North American IT professional.
In particular, CISSP from (ISC)2 has been a consistently one of the top-paying certifications worldwide, as it validates years of experience and has become the de facto credential for cybersecurity managers.
Consumers aren’t willing to put their data at risk
Even though data breaches are inevitable, consumers aren’t willing to accept that their data and information is in danger. A recent analysis of worldwide identity and access management by the International Data Corporation (IDC) revealed that 55% of consumers would switch platforms/providers due to the threat of a data breach, and 78% would switch if a breach impacted them directly.
Organizations cannot afford to take cybersecurity lightly—it quite simply can lead to a loss of business. Customers are not taking chances with their data.1
“Investment into cybersecurity infrastructure, operations, posture, and education has moved to the forefront of nearly every commercial and government entity,” said Brad Puckett, Global Knowledge global product director of cybersecurity. “The rapid evolution of cybercriminals and their skills create some erosion of confidence in organizations due to aging cybersecurity skill sets and architecture. Forward-looking cybersecurity organizations within businesses are dedicating a significant amount of their budget to frameworks, best practices, and emerging cybersecurity skills and knowledge to combat and compete with advanced threats.”
Investing in your team is a great place to start. Cybersecurity is no longer a niche skill—every employee must have at least a fundamental understanding. So if you’re struggling to find security personnel, upskill your current staff.
Build your cyber workforce from the inside
For a typical IT employee, Cybersecurity Foundations is a great place to start. When that course is completed, those who are interested in shifting gears to cybersecurity can progress to more specialized cybersecurity certification or skills courses. Visit our Cybersecurity Training Courses page for a complete listing of your options or call a training advisor to discuss your needs and goals.
The cybersecurity skills gap is real and it is growing. You can’t hire or outsource away your problems. Look within—current IT employees have the tenure and job experience needed to start a successful cybersecurity career.
Security+ Certification Prep Course
CISSP Certification Prep Course
CRISC - Certified in Risk and Information Systems Control Prep Course
CISM - Certified Information Security Manager Prep Course
CISA - Certified Information Systems Auditor Prep Course
CEH - Certified Ethical Hacker v10
1 IDC, Market Analysis Perspective: Worldwide Identity and Access Management, 2018 — The State of Identity, Doc #US44260118, Sept. 2018