Moneyzine
/Careers Guides/Essential Cybersecurity Job Statistics for 2023

Essential Cybersecurity Job Statistics for 2023

Radovan Sekulic
Author: 
Radovan Sekulic
Karen Idorn
Editor: 
Karen Idorn
Ben Mendelowitz
Fact Checker: 
Ben Mendelowitz
12 mins
September 26th, 2023
Advertiser Disclosure
Essential Cybersecurity Job Statistics for 2023

With thousands of cyberattacks daily, cybersecurity has become one of the most essential tech sectors. In this overview of the latest cybersecurity job statistics, we’ll explore the global and US job markets and examine the challenges organizations face when looking for employees. We’ll also discuss how much cybersecurity experts earn, which jobs pay the most, and how satisfied employees are with their salaries.

Top 10 Cybersecurity Job Statistics and Facts for 2023

  • The global cybersecurity industry had nearly 4.7 million employees in 2022.

  • At 1.34 million, the US has the world’s biggest cybersecurity labor force.

  • In 2022, the global cybersecurity labor force shortage totaled 3.43 million.

  • Globally, 62% of companies say their cybersecurity teams are understaffed.

  • Women account for only 25% of cybersecurity employees worldwide.

  • The US had 663,434 new cybersecurity jobs between May 2022 and April 2023.

  • At 69,213, California had the most new cybersecurity positions for the year ending in April 2023.

  • The average cybersecurity pay in North America was $134,800 in 2022.

  • At $138,730, New York had the highest median cybersecurity pay in 2022.

  • 87% of cybersecurity employees are satisfied with their salaries.

Cybersecurity Workforce Overview

The global cybersecurity industry had nearly 4.7 million employees in 2022.

Estimates from ISC2, a nonprofit cybersecurity organization, reveal that the industry employed 4,656,084 specialists across 4 continents and 14 countries. Looking at individual regions, North America had the largest workforce at 1,344,538. With 1,230,365 employees, Latin America was second, while Europe, Middle East, and Africa (EMEA) ranked third with 1,222,154 employees in 2022. Finally, the Asia-Pacific region (APAC) had 859,027 cybersecurity employees in 2022.

(ISC2)

At 1.34 million, the US has the world’s biggest cybersecurity workforce.

Of the 14 countries in the study referenced above, the US had far and away the world’s largest cybersecurity workforce in 2022. Other countries with significant cybersecurity staffs included Brazil (#2; 687,947), Mexico (#3; 542,418), Germany (#4; 464,749), Japan (#5; 388,402), the United Kingdom (#6; 339,145); South Korea (#7; 249,520), and France (#8; 189,733).

(ISC2)

The Netherlands recorded the highest cybersecurity job growth in 2022.

In 2022, the Dutch cybersecurity industry had 57,672 employees — a massive 64.3% increase from 35,106 in 2021. Similarly, Japan’s cybersecurity staff recorded a 40.4% increase, from 276,556 in 2021 to 388,402 in 2022. The list of countries with significant year-over-year growths also includes France (+29.2%), Spain (+23.2%), and Brazil (+18.3%). Unlike other countries, Germany (-0.01%) and Singapore (-16.5%) saw year-over-year decreases in cybersecurity staff.

(ISC2, IAPP)

In 2022, the global cybersecurity job shortage totaled 3.43 million.

Despite adding more than 464,000 workers in 2022, the global cybersecurity industry still needs 3.43 million employees to function at an optimal level. As for individual regions, Asia-Pacific has the most significant shortage and would need 2,163,468 workers to fill it. The gaps are smaller in other regions — 515,879 in Latin America, 436,080 in North America, and 317,050 in EMEA.

(ISC2)

Globally, 62% of companies say their cybersecurity teams are understaffed.

Organizations worldwide are feeling the brunt of the cybersecurity workforce shortage, with 47% saying their dedicated teams are somewhat understaffed and another 15% believing they are seriously understaffed. According to ISACA’s 2022 survey, a lack of funding is one of the main reasons for this. Namely, 39% of company representatives say their cybersecurity efforts are somewhat underfunded, while 15% believe they’re seriously underfunded. For comparison, 42% believe their cybersecurity teams are appropriately funded, and 4% say they’re overfunded.

(ISACA)

Women account for only 25% of all cybersecurity employees worldwide.

Despite the ever-growing cybersecurity job demand, the industry still has a diversity problem. Namely, a 2022 study found that women comprise about a quarter of the sector’s workforce. Worse yet, many women with experience in the field were subject to gender discrimination. On that note, 19% say they dealt with overt discrimination, 29% claim they got harsher reactions to errors than male coworkers, and 53% report facing inexplicable delays in career advancement.

(Boston Consulting Group)

60% of organizations have difficulty retaining qualified cybersecurity staff.

Another contributing factor to the existing cybersecurity workforce gap, employee retention issues occur for many reasons. While 59% of industry insiders say qualified professionals leave for better opportunities at other companies, 48% blame their departures on the lack of financial incentives. At the same time, 47% cite limited advancement opportunities, and 45% point to high work stress levels. Companies themselves are at fault in many cases — 34% say qualified staff leave due to insufficient managerial support, while 30% blame it on poor workplace culture.

(ISACA)

47% of companies need 3–6 months to fill cybersecurity job openings.

According to a 2022 survey, only 2% of companies would fill a job opening in under a month. At the same time, 6% needed a month and 16% two months to do so. And while 16% needed more than six months, 2% reported they could not fill any of their open positions. One of the key reasons for this is that many of the applicants don’t have the skills required for the job. Namely, in 27% of cases, only 1%–25% of the applicants are actually qualified for the job in question.

(ISACA)

Only 20% of companies deem university degrees very important when hiring cybersecurity experts.

In a reversal of a longstanding trend, many entry-level cybersecurity jobs nowadays require no degree. In Oceania, only 27% of companies required university degrees for such positions in 2022. Similarly, 45% of European, 49% of North American, and 59% of Middle Eastern firms demanded that cybersecurity job applicants have degrees for entry-level positions. On the other hand, degrees are still highly valued in Latin America (61%), Asia (68%), and Africa (71%).

(ISACA)

Cybersecurity Job Market in the US

The US had 663,434 new cybersecurity jobs between May 2022 and April 2023.

Within the National Initiative for Cybersecurity Education (NICE) Framework, most job openings in this year-long period fell under the Operate & Maintain (439,981 positions) and Securely Provision (384,607) categories. Other categories with a large number of new openings included Oversee & Govern (266,959), Protect & Defend (214,131), and Collect & Operate (206,886). It’s important to note these categories aren’t mutually exclusive, as one job can fill multiple roles.

(CyberSeek, TechTarget)

At 69,213, California had the most new cybersecurity jobs for the year ending in April 2023.

The list of states with the highest number of new cybersecurity jobs during this period also includes Virginia (#2; 61,648), Texas (#3; 57,878), Florida (#4; 34,373), Maryland (#5; 30,128), and New York (#6; 27,503). This is in line with the previous two calendar years, when the same six states led the pack. The rest of the top 10 for the year ending in April 2023 includes Illinois (#7; 25,105), Colorado (#8; 22,641), North Carolina (#9; 21,278), and Georgia (#10; 20,624).

(CyberSeek)

At just 810, Montana had the fewest new cybersecurity jobs for the year ending in April 2023.

Meanwhile, Wyoming (896) saw a massive cybersecurity job growth rate of 48.7% compared to 2021, when it had 545 new openings. It still ranked second-to-last, though, slightly below West Virginia (917), which also had a triple-digit number of new jobs. The rest of the bottom 10 for the year ending in April 2023 included North Dakota (1,075), Alaska (1,324), Delaware (2,317), New Hampshire (2,557), Mississippi (2,631), Rhode Island (2,700), and South Dakota (2,748).

(CyberSeek)

By 2031, the number of information security analysts in the US will grow by 35%.

The cybersecurity job outlook in the United States is very positive, with organizations projected to add about 56,500 new information security analyst jobs each year until 2031. This is one of the most sought-after positions in the sector nowadays, and the steady growth in cyberattacks will keep driving the demand for more employees. According to Lightcast, a market analysis company, US companies could employ almost 1.99 million cybersecurity specialists by 2032.

(University of Wisconsin)

Cybersecurity Pay Stats

The average cybersecurity salary in North America was $134,800 in 2022.

Cybersecurity specialists in EMEA averaged $93,535 per year, while their peers in Asia-Pacific made $59,379. Meanwhile, Latin America saw the lowest average annual salary at just $22,185. As for the US, the country’s cybersecurity experts averaged $135,000 in 2022. The actual salary depended on their education, with PhD holders and post-doc students averaging $150,000. On the other hand, those with associate’s degrees and high school diplomas averaged $127,750.

(ISC2)

Information security officers have the highest-paying cybersecurity job in the US.

According to a study by Mondo, a leading US staffing agency, information security officers can net anywhere between $150,000 and $225,000 a year. Cybersecurity engineers have an annual income in the $126,000–$213,000 range, while application security engineers make between $130,000 and $200,000. Network security engineers can net up to $208,000 annually, whereas cybersecurity analysts and the so-called “ethical hackers” can each earn up to $160,000.

(Mondo)

At $138,730, New York had the highest median cybersecurity salary in 2022.

The list of states with the highest salaries also includes California (#2; $137,600), Maryland (#3; $135,920), New Hampshire (#4; $135,320), and Washington (#5; $132,820). The rest of the top 10 comprises Iowa (#6; $132,590), the District of Columbia (#7; $132,200), Virginia (#8; $131,340), Delaware (#9; $130,360), and New Jersey (#10; $129,330).

(Bureau of Labor Statistics)

At just $57,650, Puerto Rico had the lowest median cybersecurity salary in 2022.

Puerto Rico’s cybersecurity experts made at least $28,000 less than their peers elsewhere in the US. Other states in the bottom 10 fared much better in terms of the median annual salary, including Mississippi at $85,460, Vermont at $85,860, Wyoming at $87,630, and Indiana at $88,720. The bottom 10 for 2022 also includes Missouri at $88,790, Maine at $89,460, Montana at $90,100, North Dakota at $90,130, and Louisiana at $90,410.

(Bureau of Labor Statistics)

As of September 2023, the average healthcare cybersecurity salary stood at $128,870.

Healthcare is among the sectors most prone to cyberattacks, resulting in a very high demand for cybersecurity experts. According to data published by ZipRecruiter, a cybersecurity analyst working in the healthcare sector averages $61.96 per hour or $10,739 per month. Of course, the actual salaries vary based on numerous factors. And while 17% of all employees have an annual income in the $124,500–$137,999 range, the lucky 3% make up to $192,000 per year.

(ZipRecruiter)

87% of cybersecurity employees are satisfied with their job’s salaries.

The most recent Exabeam job satisfaction survey found that 49% of cybersecurity experts in the US were satisfied with their earnings, while another 38% said they were “very” satisfied. At the same time, only 4% said they were unhappy with their salaries. Interestingly, although the sector still favors male workers, all female survey participants said they were either “satisfied” (88%) or “neither satisfied nor dissatisfied” (12%) with their salaries. For comparison, 4% of men working in the sector said they were unhappy with their earnings, and 1% said they were “very unhappy.”

(Exabeam)

Cybersecurity Job Statistics: The Takeaway

With nearly 4.7 million employees and hundreds of thousands of new jobs to be added over the coming decade, cybersecurity is still a growing sector. Depending on their skills and position, employees can earn up to $200,000 or more per year. Also, as more and more organizations value skills over education, it is easier than ever to get an entry-level job, even without a degree.

But cybersecurity job statistics point to several problems the sector must overcome to thrive. For one, the workforce gap — the number of positions that need to be filled for the industry to reach its operational goals — is currently at an all-time high of 3.43 million. Most companies struggle to overcome this, as filling new job openings usually takes 3–6 months. At the same time, they must aim to diversify their staff and provide incentives to keep their top employees on board.

Cybersecurity Job Market FAQ

How many cybersecurity professionals are there?
How many unfilled cybersecurity jobs are there?
How much do cybersecurity analysts make?
What is the median salary of a cybersecurity engineer?

Sources:

Related Content

  • Is It Worth Pursuing a Master's Degree?
    In an era where education is synonymous with opportunity, many consider pursuing a Master's degree a surefire way to advance their careers. However, is it really the golden ticket to success we've been led to believe?
    March 21st, 2024
  • The gender pay gap, the persistent disparity in average earnings between men and women throughout their careers, serves as a critical measure of wage inequality. This gap underscores the ongoing issue of income disparity, despite the ideal of equal pay for equal work.
    March 14th, 2024
  • 7 Essential Financial Moves After Losing Your Job
    Navigating the stormy seas of job loss? You're not alone.
    February 23rd, 2024
  • The Most In-Demand Skills to Get Hired in 2024
    Every job requires a combination of vital skills, but what skillset is valued most in 2024? As the job market evolves, staying ahead means it’s key to understand and acquire the skills that employers value most.
    April 12th, 2024
  • Key Productivity in the Workplace Statistics for 2024
    In 2023, global employee engagement saw a slight uptick, with 23% of employees engaged, up by two percentage points. However, a sizable 59% are categorized as disengaged, while actively disengaged employees, known as "loud quitting," declined to 18%. These figures highlight the persistent challenge for organizations to cultivate happiness and productivity in the workplace.
    January 31st, 2024

Contributors

Radovan Sekulic
Radovan is a journalism graduate with years of experience as a writer and editor. He loves dabbling in numbers and percentages, interpreting data, and trying to make sense of seemingly complex information and turning this into digestible articles. He is also a pop culture aficionado with boomer taste, and if he's not watching movies or reading on current events, he's probably busy getting cat hair off his furniture.
Karen Idorn
Karen Idorn is an experienced PR professional based in London. She is an established writer who always follows the latest trends in the finance industry and concentrates on delivering interesting, valuable content for audiences.
Ben Mendelowitz
Fact Checker
Ben Mendelowitz
Moneyzine 2024. All Rights Reserved.