As businesses become more digitally connected, their exposure to cyber threats increases. Managing these risks is a complex endeavor due to the rising costs of investment in equipment, software, and cyber talent.
In this report, we focus on the causes and consequences of the increase in cyber skills demand. Our first chapter highlights the factors that have increased companies’ exposure to cyberattacks, as well as the costs associated with this exposure. We highlight two notable trends that have drastically changed the landscape and importance of cybersecurity. First, the impact of geopolitics and the emergence of cyberwarfare. Second, consumers’ rising attention toward the security of their personal data. In the second chapter, we discuss how global and regional labor markets fare in the face of steep competition for cybersecurity talent. Using information extracted from the profiles of the active cyber professional population, we measure the supply of cyber skills and examine the characteristics of cyber professionals. Our spatial analysis focuses on recruitment difficulties across states and cities. In our last chapter, we turn to regulation, business strategy, and governance. We discuss the importance of compliance and how failure to comply with regulation can substantially increase the cost of a cyberattack.
We evaluate the costs and benefits of strict regulatory measures and explore alternative measures. We argue that cybersecurity is a public good and that firms should implement a resilient cybersecurity defense as their social responsibility.
Cyberattacks are increasing — in number, complexity, and cost — driven by geopolitics and cyber warfare. By sector, there has been a distinct surge in cyber risk in the healthcare industry and cybersecurity is increasingly becoming a concern for firms globally.
Because businesses are increasing their digital footprints at the same time cyberattacks are increasing, the need for a workforce with digital skills is growing — both regionally and by industry.
in the U.S., job listing data indicate there is rising demand for workers with cyber skills. In 2021, the aveage U.S. state saw 2.6 cyber job postings per cyber professional. In addition, compared to IT prefessionals, the age of the cyber-related workforce is relatively younger and job postings for cyber jobs are open for longer.
Exposure to cyberattacks depends on a firms' own cyber resilience as well as that of its partners and suppliers. The optimal provision of this public good can be addressed by government intervention via regulations, or by encouraging firms to integrate cybersecurity as part of the corporate social responsilbilty agenday. Demand for cyber skills rapidly increase in industries highly exposed to enforcement.