New data confirms there is a major shortage of cyber professionals, and a recent report tackling the topic suggests this could prove one of the biggest challenges to Canada’s digital economy.
To supplement the growing body of research on cybersecurity labour market research in Canada, the Information and Communications Technology Council released a national survey that encompasses both cybersecurity employers as well as cybersecurity students who will enter the future workforce.
While well over 100,000 cyber professionals are currently employed across the country, it is estimated that at least 25,000 more are needed now. From 2019 to 2021, the labour market grew from 84,000 to 123,000, but the gap in supply and demand did not close.
Beyond putting Canadian government and companies at risk from cyber threats we aren’t sufficiently prepared to foresee or defend against, the shortage harms Canadian tech innovation and progress at large.
Adding to the issue is the multitude of factors at play. Competition from the US hurts, as has burnout from students going through bloated cybersecurity education, plus often gruelling demands of the work itself.
“Despite increased spending in cybersecurity, there are numerous structural challenges facing the field,” warns the report, titled “Cybersecurity Talent Development: Protecting Canada’s Digital Economy.”
Concerns around cyber staffing shortages were present pre-Pandemic and have since amplified.
A global information security systems survey found that one-third of respondents believed a global skills shortage had a significant impact on their organization, while two-thirds said skills shortages increased the workload on existing staff. And there is evidence that increased pressure and staff shortages are leading to lower job satisfaction and solicitations by recruiters.
However, the industry has much to offer, namely high pay and guaranteed work.
Cyber roles include security architect, cyber analyst, data scientist, engineer, and even “ethical hacker,” as the threat of cyber crime both public and private is always present. Salaries vary widely, ranging from an average of $60,000 for a security administrator to $200,000 for a chief information security officer.
Either way, job security in the field is next-to-none, the report affirms.
“Cybersecurity is a highly competitive field with a sharp talent deficit,” it states. “Some international reports on the cybersecurity labour gap tout global unemployment rates as low as 0%.”
The ICTC report suggests that an alternative to traditional education is “emerging education pathways” sun as coding bootcamps and Massive Open Online Courses.
“Coding bootcamps and MOOCs have been highly disruptive and successful in areas such as software development,” notes the report, but “uptake in the cybersecurity field has been comparatively low.”
Still, there are multiple pathways into cybersecurity roles—whether directly from a relevant college or university program or as part of a mid-career transition through up-skilling.
“The challenge style uses realistic scenarios and vulnerabilities seen in the day-to-day work of our organizing team,” the nonprofit explains.
Meanwhile the British Columbia Institute of Technology and Cisco Canada have partnered on the Industrial Network Cybersecurity Lab to address the global demand for cybersecurity talent. The INC Lab is a state-of-the-art facility for students in BCIT’s INC diploma program that merges cybersecurity and industrial network skills with game-based learning and real-world scenarios.
“The INC program is a direct response to the industry’s growing need for cybersecurity skills to protect critical infrastructure and keep our communities running,” explains David Leversage, Program Champion, BCIT.