IT Security Professionals Are In Short Supply And High Demand

The sixth Global Information Security Workforce Study (GISWS) recently found that businesses struggle with finding qualified IT security professionals. This study provided by (ISC) 2, Booz Allen Hamilton and Frost & Sullivan surveyed over 12,000 information security professionals and is simply one of many to recently be conducted.


According to the GISWS study, not only is there a global shortage of information security personnel, but it is having a profound effect on the global economy by leading to more frequent and costly security breaches. Findings suggest that the shortage is due primarily to executives not fully understanding the need for security, and the inability to locate qualified professionals.
Below are a few of the key statistics:
  • 56% feel that their security organizations are short-staffed.
  • 15% couldn’t place a time frame on recovering from a malicious attack
Additionally, those interviewed said hacktivism, cyber-terrorism, and general hacking are the biggest areas for concern amongst businesses.  
Opportunities for Aspiring IT Professionals
As the demand for IT security professionals continues to grow, so does the demand for certifications in this area. According to the GISWS study:
  • 70% view certifications as a reliable indicator of competency.
  • 46% require certification for potential employees.

Additionally, the average global annual salary for (ISC)2 certified professionals is $101,014; one-third higher than those without.
Julie Peeler, Director of (ISC) 2 explains that businesses are not just looking for people with technical know-how, but that they need job candidates with people skills as well. In the GISWS study, communication skills were the second most frequently declared success factor for IT security professionals, only behind “a broad understanding of the security field.” Following these two factors were leadership skills and project management experience.

Top Certifications for IT Security Professionals:

While a combination of factors and skills contribute to a professional’s success within the IT security field, there are a few certifications that can provide a competitive edge. Below are the most respected and in demand IT security certifications for this year:
  1. Certified Penetration Testing Consultant (CPTC)
  2. Certified Penetrating Testing Engineer (CPTE)
  3. CompTIA Security+
  4. Certified Security Testing Associate (CSTA)
  5. GIAC Certified Penetration Tester (GPEN)
  6. Offensive Security Certified Professional (OSCP)
  7. Certified Ethical Hacker (CEH)
  8. EC-Council Certified Security Analyst (ECSA)
  9. Certified Expert Penetration Tester (CEPT)

Most In-Demand Job IT Security Job Titles

IT security is expected to grow exponentially across the entire United States; however, the metropolitan areas of New York, San Francisco, Atlanta, Baltimore and Washington, DC are expected to witness the highest volume of available job listings. Additionally the most in-demand job titles for cyber security are expected to include:
  • Cyber Security Analyst
  • Cyber Security Engineer
  • Software Engineer
  • Systems Engineer
  • Senior Cyber Security Analyst
  • Information Technology Security Specialist
  • Program Manager
  • Information Security Analyst
  • Information Assurance Engineer
  • Systems Administrator
Out of all of the information this study provided, one thing is for sure: the opportunities for aspiring and current IT security specialists are tremendous. Simply having the right training and certifications will help to ensure profitable careers for cyber security specialists in the years to come.
This guest blog was written by Andrew, a member of the Phoenix TS team that specializes in cyber security training.

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...