A recent report by the International Information System Security Certification Consortium (ISC2) has unveiled a significant global cybersecurity workforce gap, with an estimated shortage of 4 million professionals worldwide. The study also highlights the notable disparity in the number of cybersecurity experts in different countries, with Nigeria and South Africa facing some of the most substantial challenges in filling these crucial roles.
As of 2023, Nigeria had just 8,352 cybersecurity professionals, while South Africa reported a slightly higher number of 57,269. In contrast, countries in the Americas and Europe demonstrated a more robust presence of cybersecurity experts, with the United States leading the way with 482,985 professionals, and Brazil recording 231,921 cybersecurity experts.
The report underscores the global growth of the cybersecurity workforce, with a year-on-year increase of 8.7%, resulting in a total of 5.5 million cybersecurity professionals in 2023. This growth was particularly significant in new regions like the Middle East, Asia-Pacific, and North America, with Japan experiencing rapid expansion at 24% year on year.
Despite this workforce growth, the report emphasizes that the demand for cybersecurity professionals significantly exceeds the supply, resulting in a workforce gap that expanded by an additional 12.6% in the past year. This gap is most pronounced in Asia-Pacific and North America, with areas like the Middle East and Latin America starting to see supply and demand come closer to equilibrium.
The workforce gap, as defined by ISC2, represents the difference between the number of cybersecurity professionals required by organizations to adequately secure their operations and the number of available cybersecurity professionals in the job market.
The report also highlights the broader economic impact of this workforce shortage. In response to the current macroeconomic environment, many organizations have implemented cost-saving measures, such as budget cuts, layoffs, hiring freezes, and promotion freezes. These measures are impacting cybersecurity teams and their ability to protect against risk and vulnerability. The reduction in resources is stifling productivity, job satisfaction, and skill development among cybersecurity professionals.
ISC2, a non-profit organization specializing in training and certifications for cybersecurity professionals worldwide, conducted this study. Notably, Nigeria, South Africa, Saudi Arabia, and the United Arab Emirates were included in the 2023 Cybersecurity Workforce Study for the first time, shedding light on the unique challenges faced by these nations in addressing the growing global demand for cybersecurity expertise.
