Managing Director & Senior Partner
New York
By Vanessa Lyon, Matteo Coppola, Shoaib Yousuf, and Jay Bhatnagar
Organizations worldwide spend $200 billion a year on cybersecurity products and services. Yet they struggle to fill cybersecurity jobs, and the 28% vacancy rate for those positions is impeding their ability to address escalating threats.
Companies are adopting new technologies, including AI and GenAI, for cybersecurity functions such as predictive analytics and detecting anomalies. However, such innovations have created new vulnerabilities—making the need to attract and retain a full contingent of workers with up-to-date cybersecurity skills even more urgent,
These conclusions are among the highlights of new research by BCG and the Global Cybersecurity Forum on the global cybersecurity workforce. They are based on a survey of 6,000 respondents from 48 countries as well as workshops and interviews with cybersecurity and workforce experts. The complete findings are presented in a report, “2024 Cybersecurity Workforce Report: Bridging the Workforce Shortage and Skills Gap.”
The world’s move to digital has transformed industries, governments, and society. At the same time, it has led to an avalanche of cyberattacks and cyber-related crimes, with related costs rising to more than $2.2 trillion. AI is an aggravating factor: close to six out of ten (58%) cybersecurity leaders expressed concern over new adversarial techniques, including AI-enabled cyberattacks.
Protecting digital assets has increased the ranks of the world’s cybersecurity workforce to 7.1 million, but another 2.8 million jobs remain unfilled. The gap between supply and demand is biggest in the Asia-Pacific region, where the field is still relatively immature, accounting for more than half of the global shortage (56%).
Four industries account for close to two-thirds (64%) of the cybersecurity workforce shortage: financial services, materials and industrials, consumer goods, and technology. It’s not surprising, considering that seven out of ten attacks target those industries, and the cost per breach is among the highest.
Cybersecurity leaders cite the lack of candidates with desired skills and intense competition as the main challenges to filling open jobs. Lack of diversity in the profession is also a contributing factor: although women hold 36% of all technology industry jobs, they comprise only 24% of the cybersecurity workforce.
To fill the talent and skills gap, capitalize on opportunities, and address challenges, organizations need to embrace future-ready cybersecurity workforce practices. They must:
If the talent shortage continues, it’s predicted to account for more than half of all significant cybersecurity incidents worldwide. The report explains the gaps in more detail and establishes a cybersecurity talent framework to address them.
ABOUT BOSTON CONSULTING GROUP
Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we work closely with clients to embrace a transformational approach aimed at benefiting all stakeholders—empowering organizations to grow, build sustainable competitive advantage, and drive positive societal impact.
Our diverse, global teams bring deep industry and functional expertise and a range of perspectives that question the status quo and spark change. BCG delivers solutions through leading-edge management consulting, technology and design, and corporate and digital ventures. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, fueled by the goal of helping our clients thrive and enabling them to make the world a better place.
© Boston Consulting Group 2024. All rights reserved.
For information or permission to reprint, please contact BCG at permissions@bcg.com. To find the latest BCG content and register to receive e-alerts on this topic or others, please visit bcg.com. Follow Boston Consulting Group on Facebook and X (formerly Twitter).