Since the beginning of 2022, nearly 175,000 tech workers have lost their jobs in sweeping layoffs from firms both big and small, according to Layoffs.fyi, which tracks tech layoffs. No single industry or function has been immune from tech job losses, but cybersecurity roles still remain in high demand.
The 3 cybersecurity hiring trends experts predict for 2023BY Sydney LakeJanuary 11, 2023, 2:50 PM
Cybersecurity experts expect demand to remain high this year, and the U.S. Bureau of Labor Statistics projects that the number of cybersecurity jobs will grow by 35% between 2021 and 2031. Worldwide, there are about 3.5 million open cybersecurity jobs, according to Cybersecurity Ventures. In the U.S. alone, that number is about 770,000, data from Cyberseek, a cybersecurity industry research company, shows.
“That number might decline, but I suspect you’ll see the number of jobs decrease that are available, but likely not switch to less jobs available than available talent,” Nick Schneider, president and CEO of cybersecurity company Arctic Wolf, tells Fortune. “There’ll still be a skills gap. It will just be smaller.”
Fortune spoke with a few cybersecurity experts about what to expect for cybersecurity hiring trends in 2023. Cybersecurity pros predict that job demand will remain high, more women will land jobs in the industry, and that upskilling will be at the top of mind for both employees and employers.
1. Cybersecurity job demand will remain high
An economic downturn—i.e. a potential impending recession—is no time to cut cybersecurity talent. While no industry is truly “recession proof,” the cybersecurity industry is “largely insulated from market downturns,” as Danny Allan, chief technology officer of data protection firm Veeam, previously told Fortune.
That type of job security is largely due to the fact that data and digital services are critical to business operations, Allan adds, but it’s also because economic downturns can “ignite a fire under the bad actors,” when companies are most vulnerable. Schneider says.
“Companies can’t afford to not have cybersecurity continue through an economic downturn,” Schneider says. Bad actors “also understand that companies are tightening budgets and tightening headcount. It’s a good opportunity to attack. Hopefully most businesses don’t take this opportunity to trim security staff, and I don’t think that they will.”
2. The cybersecurity industry will hire more women
In the U.S., there are currently about 1.1 million people employed in the cybersecurity industry, data from Cyberseek shows. Globally, about 25% of women hold cybersecurity jobs, according to Cybersecurity Ventures. Experts predict that we’ll continue to see women representation in cybersecurity grow this year. In fact, cybersecurity company ReasonLabs has already reached gender parity for its analysts.
“What we are seeing today in the universities is the increase of women talent out there is close to 50-50 right now with the men,” Andrew Newman, chief technology officer at ReasonLabs, tells Fortune. “We’re definitely going to see a huge uptick in women employees. We’re heavily invested in that market today and we’re constantly looking to grow.”
Large organizations like Microsoft Security are also prioritizing hiring more women who are cybersecurity professionals. Microsoft Security launched an initiative where the company has committed to partnering with community colleges to train 250,000 people by 2025.
“In the corporate world, we need to make sure we have diverse slates when hiring and that we are very intentional,” Vasu Jakkal, corporate vice president of Microsoft Security, told Fortune in a recent interview. “It’s going to take the entire village—from parents to school teachers to hiring managers to colleagues and peers to organizations—to elevate women and minorities into cybersecurity.”
3. Upskilling will be important to employers and employees
To help combat the talent gap and barriers to entry, nonprofit cybersecurity certification organization (ISC)2 launched a free online program called Certified in Cybersecurity to help entry-level cybersecurity candidates learn the basics of cybersecurity including security principles, business continuity (BC), disaster recovery (DR) and incident response concepts, access controls concepts, network security, and security operations. And in the three months since its inception, the program has registered more than 110,000 candidates.
“As we promote hiring for non-technical skills and personality attributes, it [gives] that little extra insurance that allows [employers] to have confidence that this person has demonstrated that they have the capability to understand these core concepts,” Clar Rosso, CEO of (ISC)2, previously told Fortune. “Since this workforce gap is this big hairy issue, this is what we’re investing in now.”
Schneider also predicts that upskilling opportunities will act as an incentive for current cybersecurity workers to remain at their current posts as market volatility continues.
“My suspicion is that’s where most businesses will intrigue cybersecurity professionals during an economic downturn. It won’t just be all about compensation,” he says. “It will be a good combination of having the right job, the right benefits, the right training and enablement and the right opportunity for these professionals within their organization to do what they want in their career.”
Check out all of Fortune’s rankings of degree programs, and learn more about specific career paths.