Cyber talent still in high demand

TommL/Getty Images

In the last 12 months, more than 769,000 cyber job postings went up in the United States.

Demand for cyber workers continues to surge, according to new data released Tuesday that puts the number of cyber job openings listed in the U.S. between October 2021 and last month at 769,736.

That's according to Cyberseek, an analytics platform from the National Institute for Standards and Technology's National Initiative for Cybersecurity Education, Lightcast and CompTIA.

That tally is up from the last one reported for May 2021 to April 2022, where there were 714,548 postings, according to a press release from CompTIA. 

The cyber workforce count for the most recent 12-month period is over 1.1 million.

For the public sector in particular, 47,114 cyber jobs were listed and 72,599 workers employed.

"The data should compel us to double-down on efforts to raise awareness of cybersecurity career opportunities to youth and adults," said Rodney Petersen, NICE director, in a statement. 

Nine of the top 10 months for cyber job listings in the last decade were in 2022, according to the CompTIA press release about the new data.

This isn't the only refreshed picture of the cybersecurity job landscape to look for this week. 

(ISC)2, a nonprofit cyber membership association, is also set to release their annual cybersecurity workforce study on Thursday, which will contain its own global cybersecurity workforce estimates.

Increasing demand for cybersecurity talent is "good" in its own way, despite the worker shortages, Clar Rosso, (ISC)2 CEO, told FCW.

"We need demand to increase because we need organizations to understand their cyber risks and want to do something about it," she said.

Rosso also pointed to the impact of workforce shortages that've been borne out by her organization's previous studies. The ultimate result of understaffing: "we don't get the basics right," she said.

In last year's study, participants cited misconfigured systems, limited time for risk assessments and more as results of understaffing. 

Rosso's prescription for the government in particular is to "stop trying to hire the all stars," she said. "Hire entry level folks from different backgrounds, train them to do this work that you need to get done that's not getting done and that frees up your more experienced professionals to do the work that requires more experience."

Other takeaways from the new CyberSeek data are more specialized fields in cyber, as well as more cyber skills being required in non-cyber specific jobs like auditors and software developers.

Still, some experts say that there's more to be done in terms of getting good data on the federal and national cyber workforces.

A February 2022 report by the National Academy of Public Administration on the Cybersecurity and Infrastructure Security Agency's cyber workforce programs called for the creation of a Bureau of Cybersecurity Statistics to collect data on the workforce in addition to a list of other cybersecurity items. The Cyberspace Solarium Commission has also issued a similar recommendation for a government office to be focused on cyber data.

Currently, "we have a lot of data," said Karen Evans, co-chair of the NAPA report, a former longtime government technology official.

But estimates of the labor shortage often vary among sources based on how they define the work and what data sources they pull from, said Evans. And currently, efforts like CyberSeek can't compel the offering up of information the way an official government bureau might be able to.

Cyberseek in particular gets its workforce numbers using artificial intelligence to analyze data like job postings and career transitions, according to the tool's website.

"Now, let's take it to the next level and have some veracity around the data," said Evans. "What we need is an authoritative source."