Cybersecurity professionals are in high demand. The increasing dependence on online systems as a result of COVID-19 poses cyber security risks, which accelerates this demand. The cybersecurity skills gap is posing a serious threat to national security and economic development. Therefore, it is crucial for people looking to launch their career in cyber security to develop the most in-demand skills, and for employers to have realistic expectations of candidates’ skills levels.
Cybersecurity professionals are in high demand. The Dutch business community is one of the largest users of the cloud. COVID-19 and the related lockdowns are accelerating the need for businesses to digitize. The World Economic Forum found that 96% of businesses in The Netherlands are using more digital tools such as video conferencing, and 88% are structurally creating more possibilities for working remotely. This growing dependence on online systems is leading to more cyber attacks and an increased demand for professionals with knowledge of Cloud applications and security specialists. The UWV claims that over the last few years, employment growth among IT security specialists has been 54%, the largest of all ICT professions. Additionally, Cyber Security Specialist is ranked #11 on LinkedIn’s list of top 15 emerging jobs in The Netherlands in 2020. Moreover, Information Security Analyst is ranked #4 on WEF’s list of top 10 emerging jobs in The Netherlands in 2020.
Data from HSD’s platform Security Talent similarly shows that:
However, the cybersecurity skills gap is causing difficulties in meeting this increased demand, and therefore forms a threat to the national economy as well as national security. In 2018, the Dutch Cyber Security Council raised their concern about the shortage of cybersecurity professionals in the Netherlands. At the European level, an analysis by Vacancysoft and Robert Walters claims there is a shortage of around 140.000 cybersecurity professionals, which points to a significant gap between supply and demand in the cybersecurity labour market.
In order to close this gap, it is crucial for people looking to launch their career in cybersecurity to know which skills to develop. According to the UWV, the ICT positions that are hardest to fill are aimed at highly educated ICT professionals with technical skills, certificates, general knowledge of business processes, and social skills such as communication skills, interdisciplinary teamwork, and customer interaction. This demand is also visible in the cybersecurity job market specifically. For example, the demand for the technical cyber security consultant role on Security Talent has increased. Cyber security consultant was ranked #5 in 2018 accounting for 6% of all roles requested and moved up to #3 in 2020 accounting for 13% of all roles requested. Data from Security Talent shows that the most demanded education levels in 2020 are higher education levels, namely Bachelor/EQF 6 (38% of job postings) and Master/EQF 7 (32% of job postings).
Additionally, according to an analysis conducted by Specops Software of 800+ job listings on Indeed UK, the top 5 most desired skills for cybersecurity jobs are technical ability/mindset, responsible, good written communication, passionate, and attention to detail, which is a combination of technical and social skills. The study also claims that the top 3 most desired programming languages include Python, C++ and C, and the top 3 most desired professional certifications are CISSP, CISM, and CISA. An analysis by Burning Glass of over 1 billion US job postings predicts that the two fastest growing technical cybersecurity skills for 2021-2025 are application development security skills (growth of 164%) and cloud security skills (growth of 115%).
The analysis above shows that employers have high expectations of the skills levels of candidates. A study conducted on behalf of HSD in 2018 similarly finds that employers search for cybersecurity generalists that master many different competences at the same time, which may discourage candidates from applying. Matthijs Ros, CEO of Innopay, makes a similar argument, claiming organisations are looking for ‘unicorns’: People with lots of cybersecurity experience, many certificates, and expertise in all areas of cyber security. According to ENISA these high expectations are one of the key causes of the cyber security skills gap.
Professionals that want to launch their cybersecurity career should consider improving on the above-mentioned in-demand skills and requirements. However, they should not be too worried about not meeting all these requirements either, as very few people do. Instead, employers should also play an important role in the development of the cybersecurity workforce, through making their expectations more realistic and for example splitting up job profiles in coherent and realistic roles. For inspiration on role descriptions, check out the Job Profiles we have gathered, and the advice given in the 2018 HSD study.
Are you interested in launching your career in cybersecurity? Visit SecurityTalent.nl to develop your skills through cybersecurity studies and courses, and to check out cybersecurity vacancies.