There is a worrying shortage of talent in cybersecurity, a sector crucial for the protection of individuals, businesses, and governments. Few regions are more aware of this than Maryland, which sits at the epicenter of the cybersecurity industry.
In our recent webinar with TEDCO (Maryland Technology Development Corporation), we explained how Lightcast has been working with TEDCO to map a plan for bridging the cyber-talent gap in Maryland.
In this article, we break down the biggest insights from that webinar, showing how Lightcast used labor market data to shed light on the complexities of this talent gap and discover strategies for addressing it.
For the majority of our nation’s history, most threats to national security could be spotted with a pair of binoculars; but in today’s digitized world, the business of protection has become a much more complex affair, as sinister threats can now lurk undetected in cyberspace. This is why the cybersecurity industry has never been more important. And yet, worryingly, cybertalent is increasingly difficult to find.
Few places understand this talent gap as well as Maryland, which (alongside Virginia and DC) sits at the epicenter of the cybersecurity industry. In fact, while the Maryland/DC region has one of the biggest cybersecurity workforces in the country, it’s second only to Virginia in its demand for more workers. Because of this, TEDCO (Maryland Technology Development Corporation) decided to take action.
Turning to Lightcast’s labor market data
TEDCO knew that to solve this talent gap, they needed to first understand the complexities of what was causing it. And to do this, they would have to look at the hard data on the cybersecurity industry in their region. But where do you find reliable, up-to-date data on such a new and rapidly evolving sector? And how can you know that you’re interpreting your findings correctly?
It was these questions that drove TEDCO to seek out Lightcast’s experienced team of economists for assistance with the project. And, thanks to Lightcast’s involvement in the National Cybersecurity Workforce and Education Strategy at the White House, experience maintaining the CyberSeek platform, and multiple research reports on the topic, the Lightcast team came into the project well-informed, and well-positioned to hit the ground running.
First, the team got to work on building a detailed portrait of the cybersecurity workforce in the Maryland/DC region, using Lightcast data to answer questions such as: Who are the employers in need of workers? What roles do they need filled? What skills do they require? Where did their current workers come from? And what happens to the qualified graduates coming out of Maryland’s IT programs?
As answers to these questions emerged, the various causes of the talent gap started coming into focus—and along with them, possible solutions.
Getting to the roots of the problem
Rarely does a talent gap have one single cause. More often, this type of problem is like a plant with many different roots. Here are just a few of the “roots” that Lightcast’s economists were able to dig up in their analysis, and some strategies for addressing them:
A narrow doorway
One key finding that soon surfaced in Lightcast’s research had to do with certificates. Traditionally, certificates have been used as a way to widen the doorway of the workplace to workers who may not have the right degree, but who do have the right skills. However, the data showed that many employers in TEDCO’s region are essentially using certificates to do the opposite. Lightcast’s team found that when certifications are included in job postings, those job postings are actually more likely to require a bachelor’s degree than when the certification isn’t present in the job posting—making certifications just another requirement on top of a degree, and narrowing the doorway to employment even further.
One takeaway from this: if employers welcome applicants who have earned their skills through a certification program alone, they may find a new pool of overlooked candidates ready to take on the roles they so desperately need filled.
The demand for experience
Experience is the truest measure of readiness, yet the most difficult to acquire. This notion came up time and time again in focus groups, and the data reflects that many employers feel the same. In fact, less than a third of job postings in Maryland/DC’s cybersecurity sector could be described as entry level, that is, requiring only 2 years of experience or less.
Yet if all employers follow this reasoning, the result would mean that any effort to build a pipeline of new workers in this industry won’t pay dividends for another 3-5 years, as freshly trained individuals gain this mandatory experience. (And, one has to ask: where are all of these new workers supposed to find this experience in the meantime?)
There must be some kind of meeting in the middle. Employers must carefully weigh the staffing requirements of each role to determine whether they are truly necessary. Meanwhile, educators would do well to build experience into the educational pathway, so that students entering the workforce have at least some experience to advertise when they apply for jobs.
The security clearance time lag, and the untapped veteran workforce
Lightcast data showed that a huge portion of the demand for cyber workers in the region is driven by a small handful of government contractors—and these employers face a unique challenge.
Given the sensitive nature of the work these contractors do, certain levels of security clearance are often a requirement for the roles they need filled. This means that even when they do find qualified workers, it’s often quite some time before these new employees are cleared to perform all of the duties they were hired to do. This adds a burdensome time lag onto an already stressful talent shortage.
One solution? Start targeting the pool of individuals in their region already cleared for security clearance: service members transitioning to civilian life.
Each year in the US, there are as many as 200,000 service members navigating this transition, and significantly, whatever security clearances that they’ve acquired during their military service remain valid as they enter civilian life. Additionally, many of these individuals are already in the position of seeking out a new line of work, making this an ideal (and sizable) demographic for government contractors to target.
The cybersecurity talent gap is a problem with solutions
These are just a few highlights from the in-depth, comprehensive analysis conducted by Lightcast and TEDCO. There is much more to the discussion, including a closer look at talent pipelines and additional recommendations for closing the cybertalent gap in Maryland. For these details, you can watch a presentation of the findings, or download the report.
While this project focused on cybersecurity, the need for data-driven workforce strategies is hardly limited to any one industry. Neither is Lightcast’s expertise. We’ve done similar analyses for a myriad of other regions and sectors, including emerging areas like Green Jobs and Artificial Intelligence.
If you’re looking for actionable data to identify, quantify, and solve for talent gaps in your region, please let us know! We’d be glad to connect and explore how our team can support your mission.