The COVID-19 pandemic has changed the way a many businesses operate, with cybersecurity among the various business elements impacted. It has compelled us to find different solutions and amplified a lot of the challenges the field was already facing. One of the most constraining problems cybersecurity is facing as an industry is the talent shortage.


According to a survey conducted by ESG in late 2019, around 53% of companies have reported a shortage of skilled cybersecurity members in their team. Around the same time, (ISC)2 conducted its annual Cybersecurity Workforce Study, which concluded that there is a global cybersecurity talent shortage of around 4 million, which means that the workforce would have to grow by around 145%.

While no estimates were made with regards to how a pandemic could/would influence this trend, there is now evidence which suggests COVID-19 is having a negative impact. Let’s take a look at the most prominent ways COVID-19 has changed the field and made the skill shortage more prominent and noticeable.

New Environments and New Challenges

The pandemic has forced companies, including their cybersecurity departments, to work from home. While that has certain overall advantages for employees, it also requires a lot of preparation and adjustment to be productive and maintain the effectiveness of all systems.

When it comes to cybersecurity, every moment of weakness can have drastic consequences. Even if all cybersecurity measures are set up correctly, they need regular and proper maintenance, which needs to be accounted for during the transition process from office to home. This requires additional attention.

Furthermore, work from home strategies require the use of new communication channels, which need to be set up correctly and thoroughly checked in order to be considered secure. The document flow also needs to be completely virtual, which requires an additional workforce to safeguard. Stay-at-home employees are also more vulnerable to phishing attempts and other forms of social engineering techniques.

Increased Malevolent Activity

While the pandemic is a challenge for cybersecurity professionals, for hackers it is an opportunity. COVID-19 has sparked a spike in cyber-criminal activity, especially in the healthcare field. A US national survey has revealed that around 83% of physicians have experienced a cyber-attack in the recent period. Furthermore, a successful attack would result in a loss of private patient information, including their diagnosis and lab results.

The loss of sensitive patient information is not the only cybersecurity threat. Taking advantage of a less secure employee environment, cyber-criminals have intensified their attempts at gaining access to sensitive data by using social engineering techniques. A report from Microsoft states that there are around 30,000 attacks per day that exploit this method.

Overall, attacks during the pandemic have not been any more elaborate or intricate. The main challenge is that there are more of the same types of raids. Obviously, the best way to adapt to that is to hire more specialists.

Re-tasking of Cybersecurity Personnel

It turns out that companies experience a lack of professionals during the pandemic in other fields as well. An April, a survey by (ISC)2 shows that 81% of respondents had their job functions changed in some capacity. Some of them were required to assist employees with other IT-related problems, like installing new programs and updates, deleting unused ones, data backup, etc., leaving the cybersecurity element of their job description on the side. A lot of these tasks can be completed without external help by using specific tools that maintain your PC or Mac computer security and performance.

The same report indicates that the number of security-related incidents increased during the stay-at-home order. Most companies still felt that cybersecurity should be their focus and want to prevent data breaches. The problem with this conflicting info is that it can only be resolved one way – by hiring more specialists on the team.

However, there are some steps organizations can take to help narrow the gap.

Consider Candidates That Are Ready to Learn Hands-On

In order to fill the gap, you need to widen your talent pool. There are various ways you can do that, from forming direct pipelines from universities to shortening your skill requirement list. However, specialists argue that you won’t solve the problem that way, as your employees wouldn’t have the skills needed in the field.

The best solution to that is to hire applicants that are the most prepared to acquire the set of skills needed. If they are prepared to learn hands-on, while completing the task at hand, you will have a skilled member in your team in no time.

Create a Proper Benefits and Reimbursement System

The shortage of skilled workers means high demand on the job market. So, if you want to attract the best talent to your team, you need to provide something special to entice skilled workers to join you. The easiest and the most obvious way is to offer competitive pay for their job.

However, money is not the only thing workers are interested in. Don’t forget about flexible work hours, paid vacation time, learning and self-development opportunities. Overall, take a look at the job market and adjust your bid to popular current offers there.

Pay Attention to Military Veterans

Cybersecurity military officers go through intensive training and acquire a wide range of skills to protect their country from foreign invasion of cyber-capabilities, so it is no wonder the most skilled officers are often sought out by big tech companies. You should pay attention to military veterans from this field as well since a lot of them remain jobless too.

According to scientists, the COVID-19 pandemic might not be the last we face in our time. That’s why we need to adapt to these conditions as fast as possible while being mindful of what awaits us in the long run.

Cybersecurity challenges brought to the fore by COVID-19 can be solved and overcome. It is a matter of making the right decisions, adapting to circumstances and being careful and thorough. Staffing shortage as a major problem is solvable as well. Create the appropriate conditions and you will find the right members for your team.

Credits: https://www.infosecurity-magazine.com/blogs/covid19-cybersecurity-staffing/