Unveiling the 2024 SANS | GIAC Cyber Workforce Research Report: Building and Sustaining Mid-Level Cybersecurity Roles

Explore the key findings from the 2024 SANS | GIAC research report on cybersecurity workforce management.

May 2, 2024

The 2024 SANS | GIAC Cyber Workforce Research Report is a cornerstone document, illuminating the strategies and challenges involved in recruiting, hiring, and retaining mid-level cybersecurity professionals. This comprehensive study offers invaluable insights for Human Resource and Cybersecurity Managers aiming to construct high-performing cybersecurity teams.

Purpose of the Research

As the industry continues to face an evolving threat landscape, the demand for skilled cybersecurity professionals continues to outpace supply. This research - a collaborative effort led by GIAC, involving SANS, the National Initiative for Cybersecurity Education (NICE), and the Society for Human Resource Management (SHRM) - employs a first-of-its-kind survey aimed at decoding the complexities of the cybersecurity job market, particularly focusing on five mid-level roles that are crucial for organizational security.   

Trends from the CyberSeek database, aligned with work role definitions from the NICE Framework, were used to identify the top five cyber work roles that are most in demand right now.  These roles are Forensics Analyst, System Information Security Analyst, Information Systems Security Manager, Security Architect, and Vulnerability Analyst.  

So many studies are focused on the shortage of the cyber workforce, but the industry is so much more complicated since over 80% (or 460,000) of the openings from CyberSeek are from mid-level career individuals on specialized work.  Our study is built to focus on these specialized mid-level career jobs and we included case studies to provide real-world stories from leading cybersecurity organizations to back up the data. - Brian Correia, Director of Business Development, GIAC

Key Takeaways

  • High Effectiveness of Current Teams: The report reveals that a substantial percentage of cybersecurity teams are either meeting or exceeding their goals, highlighting the effectiveness of current training and recruitment strategies. However, there remains a notable portion of teams that are underperforming, which underscores the need for enhanced training and recruitment practices. 

  • Importance of Certification-Based Training: Employers show a strong preference for certification-based training over traditional educational degrees. This trend reinforces the value of practical, hands-on experience and the ability of certifications to verify the competencies of cybersecurity professionals. 

  • Challenges in Hiring and Retention: One of the report’s critical discussions revolves around the challenges faced by organizations in hiring and retaining talent. Issues such as salary competitiveness, the lack of defined career paths, and inadequate training opportunities are highlighted as significant hurdles. 

  • Strategic Use of the NICE Framework: The report advocates for broader adoption of the NICE Framework to standardize roles and improve communication between HR and cybersecurity departments, thereby enhancing recruitment efficiency and team effectiveness. 

Insights from Case Studies 

The report is enriched with case studies that provide real-world insights into successful strategies and challenges encountered by organizations in cybersecurity hiring and development. Key highlights from these case studies include: 

  • Blending Training Approach: The most successful cybersecurity teams are built through a blend of on-the-job and certification-based training, suggesting that a mixed approach to skill development is key to preparing mid-level professionals for complex cybersecurity roles. 

  • Innovative Recruitment Strategies: Organizations are adopting innovative recruitment practices to identify and attract top cybersecurity talent, emphasizing the importance of aligning job descriptions with actual job requirements. 

  • Training and Development: Continuous training and development play a critical role in retaining cybersecurity talent, particularly in providing opportunities for career advancement and skill enhancement. 

  • Management and Leadership Development: There is a clear need to develop cybersecurity professionals into management roles, stressing the importance of leadership training and mentorship to prepare candidates for higher-level responsibilities. 

Interesting Points

In addition, the research uncovered a few points worth exploring further: 

  • Addressing the Skills vs. Headcount Gap: The study differentiates between the skills gap and the headcount gap, with insights suggesting that addressing the skills gap through targeted training can be more immediately beneficial than merely increasing headcount. 

  • Senior Management’s Role: There is a need for greater involvement and investment from senior management in cybersecurity hiring and skill development practices. This support is crucial not only for securing funding and resources but also for enhancing the strategic alignment of cybersecurity efforts within broader business objectives. 

The challenges involved in managing the cyber workforce has been discussed for some time.  We hope that this report will be a first step in moving the conversation towards specific tactics that can help organizations with these complex problems. - Jeremy Rabson, SANS | GIAC Executive Leadership

Conclusion

The 2024 SANS | GIAC Cyber Workforce Research Report serves as a vital resource for understanding the dynamics of the cybersecurity job market. It provides actionable insights for HR and cybersecurity managers to refine their strategies in hiring, training, and retaining cybersecurity talent. By addressing the outlined challenges and implementing the recommended strategies, organizations can enhance their cybersecurity defenses through a robust, skilled, and well-supported cybersecurity workforce. This report is not just a reflection of current practices but a roadmap to future resilience in the face of global cyber threats.  

Download the full report here.