Cybersecurity Ventures recently reported worldwide spending on cyber defense products and services is forecast to exceed $1 trillion for the five-year period from 2017 to 2021 -- driven by the dramatic rise in cybercrime, the ransonware epidemic, the refocusing of malware from PCs and laptops to smartphones and mobile devices, the deployment of billions of under-protected internet of things (IoT) devices, the legions of hackers-for-hire, and the more sophisticated cyber-attacks launching at businesses, governments, educational institutions, and consumers globally.
The market expansion will add to the cybersecurity workforce shortage, which is expected to reach 1.5 million cybersecurity job openings by 2019, according to the most recent Cybersecurity Jobs Report. An analysis of employment data in the report provides various insights into the current and future labor pool.
- Cybersecurity workers can command an average salary premium of nearly $6,500 per year, or 9% more than other IT workers, according to Burning Glass Technologies.
- According to a report from DICE, a leading IT job board, the top five IT security salaries are: No. 1 - lead software security engineer at $233,333; No. 2 - chief security officer at $225,000; No. 3 - global information security director at $200,000; No. 4 - chief information security officer at $192,500; and No. 5 - director of security at $178,333.
- The top U.S. chief information security officer (CISO) jobs pay annual salaries exceeding $400,000. The leading cities - by salary - are: San Francisco; New York; Washington, D.C.; Los Angeles; and Chicago.
- IDC predicts that "by 2018, fully 75 percent of chief security officers (CSO) and chief information security officers (CISO) will report directly to the CEO, not the CIO". This will arguably push those positions higher up in to the salary stratosphere.
- "The landscape of cyber risks is so widespread and evolving that forward-thinking (public) companies are seeking a new leader - a chief risk officer (CRO) - who will oversee all areas of risk exposure: IT risk, physical security, personnel security and protection of assets - including intellectual and reputational capital, stated Jeremy King, founder at Benchmark Executive Search. The chief risk officer will be the most in-demand position over the next five years - a single leader who can create a culture of security, map organizational structures and set budgets."
- On a per-capita basis, the leading states for cyber hiring are Washington, D.C., Virginia, Maryland, and Colorado; all have high concentrations of jobs in the federal government and with related contractors.
- Last October (2015), the U.S. government began hiring 6,500 new cybersecurity IT professionals. It has hired 3,000 so far, and plans to hire another 3,500 by January 2017, the White House said.
- Only 11% of the world's information security workforce are women, according to the Women's Society of Cyberjutsu (WSC) - a 501(c)3 non-profit passionate about helping and empowering women to succeed in the cybersecurity field. WSC states that 50% of professional occupations in the U.S. are held by women, and that 25% of computing occupations in the U.S. are held by women. The small representation of women in cyber is a big opportunity for them to enter a field with a severe labor shortage.
- African Americans are underrepresented in the cybersecurity field. According to data from the United States Department of Labor which publishes the Bureau of Labor Statistics (BLS), 'Black or African-American' people make up only 3% of the information security analysts in the U.S. The International Consortium of Minority Cybersecurity Professionals (ICMCP) and the International Colloquium for Minorities In Cyber Security (MICS) are two organizations devoted to promoting career opportunities for African Americans and other minorities in cybersecurity.
Sign up for Computerworld eNewsletters.