Cybersecurity Skills Gap 2017: What to Expect and How to Prepare

As the calendar turns to a new year, the cybersecurity industry faces a persistent challenge: the cybersecurity skills gap. For years, organizations have struggled to find qualified professionals to fill critical roles. According to research from (ISC)², the global shortfall could reach 1.5 million unfilled positions by 2020. But what does 2017 hold for this ongoing crisis? Experts weigh in on the trends, obstacles, and potential solutions that could reshape the talent landscape.

Why the Cybersecurity Skills Gap Persists

The demand for security talent continues to outpace supply. Rapid technological advancements, evolving threats, and new regulations like the General Data Protection Regulation (GDPR) have created a need for specialized skills. However, the talent pool has not expanded quickly enough to meet these demands.

Adrian Davis, a senior figure at (ISC)², predicts another tough year. “We expect to see a greater emphasis on understanding and implementing resilience, incident management and business impact of cyber risk from all security professionals,” he explained. “There will be a continuing skills shortage, especially of individuals who can link business and security together, and of individuals who can build GDPR compliance.”

Similarly, Dr. Bob Nowill, chair of the Cyber Security Challenge UK, noted that short-term shortages will persist as new threats emerge. Yet both experts acknowledge that 2016 laid important groundwork for change.

Positive Steps Taken in 2016

Despite the grim outlook, the industry made notable progress last year. Initiatives such as the launch of the Extended Project Qualification (EPQ) in Cyber Security and the integration of cybersecurity into UK computing science degrees signal a shift toward long-term workforce development. The UK government’s commitment to making cyber a chartered profession also marks a significant milestone.

“The skills landscape will continue to evolve, shaped in part by the new National Cyber Security Strategy and NCSC and DCMS initiatives,” said Nowill. “2017 will be an exciting year particularly for new programs such as the new Cyber Security EPQ and via QUFARO as they start to have impact, while school curriculum changes in STEM and Computer Science will see more cybersecurity concepts being introduced at a younger age.”

How Companies Can Close the Skills Gap

While government and educational bodies play a role, organizations themselves hold the key to bridging the cybersecurity skills gap. Davis urged companies to rethink their hiring practices. “To improve our position, we need to stop over-specifying positions, recruit more junior staff and recruit from outside the ‘usual’, tech-oriented, pools,” he said. “We also need to stand up and tell people about what we do, why it is important and the opportunities open to bright, problem-oriented, communicative people.”

James Jardine, CEO of Jardine Software, echoed this sentiment. In his article on hiring application security talent, he outlined five common mistakes that hinder recruitment:

• Not understanding your current needs
• Ignoring existing resources
• Not sharing the workload
• Not defining the role
• Overly broad job requirements

By avoiding these pitfalls, companies can attract and retain the right talent more effectively.

The Role of Education and Training

Building a robust pipeline of future professionals requires investment in education and training. Programs that introduce cybersecurity concepts at a younger age, such as those in STEM and computer science curricula, are essential. Additionally, professional development opportunities for existing staff can help close immediate gaps.

For more insights on building a cyber-aware workforce, check out our guide on cybersecurity training best practices. Organizations that prioritize continuous learning will be better positioned to adapt to evolving threats.

Looking Ahead: A Turning Point?

Although the cybersecurity skills gap remains a pressing issue, there is reason for optimism. The combination of educational reforms, government initiatives, and a shift in hiring strategies could make 2017 a year of tangible progress. As the industry continues to collaborate and innovate, the message is finally getting through: closing the talent deficit is not just a necessity—it is an achievable goal.

For further reading, explore our article on cybersecurity workforce development strategies to learn how organizations can build resilient teams in the face of ongoing challenges.