600,000 U.S. Cybersecurity jobs remain vacant

About one million people work in cybersecurity in the U.S., but there are nearly 600,000 unfilled positions, out of which 560,000 are in the private sector.

In the last 12 months, job openings have increased 29%, more than double the rate of growth between 2018 and 2019. President Joe Biden has urged U.S. companies to harden their cyber defenses immediately amid the growing risk of Russian cyberattacks.

The cyber worker shortage is a particular problem with smaller organizations, from municipalities and law firms to hospitals and businesses, that can’t offer high enough pay to attract high-skilled workers.

Phishing attempts and ransomware attacks on businesses, schools, hospitals and other organizations have soared up, with so many employees using their home networks and computers.

Workers with the technical skills required to respond to cyber threats were already hard to come by before the COVID-19 pandemic, but a convergence of events accelerated the demand for positions such as software developers, vulnerability testers, network engineers and cybersecurity analysts even more.

Last year, ransomware attacks affected the operations of organizations including a San Diego hospital system, a nationwide payroll provider and the office network of the Illinois attorney general. It is expected that there will be 3.5 million unfilled cybersecurity jobs by 2025, if the jobs still remain vacant.