Global Cybersecurity Workforce Gap Reaches 4.8 Million: New ISC2 Study Highlights Diversity Crisis

ISC2's 2025 Cybersecurity Workforce Study finds the global shortage of cybersecurity professionals has grown to 4.8 million, up 15% from 2024. The report identifies AI skill gaps and a severe decline in entry-level hiring as primary drivers, with workforce diversity declining for the first time in five years.

via ISC2·December 31, 2024·Dec 31

SHARE:𝕏 IN

#workforce#talent shortage#ISC2#diversity#AI skills

ISC2 has published its annual Cybersecurity Workforce Study, and the findings paint a sobering picture for an industry already struggling with chronic talent shortages. The global cybersecurity workforce gap has grown to 4.8 million—a 15% increase from the 4.2 million reported in 2024.

Key Findings

The Gap is Growing Despite More Professionals: The total global cybersecurity workforce grew to approximately 5.5 million professionals in 2025—an increase of 8% year-over-year. Yet demand is growing even faster, driven by expanded regulatory requirements, digital transformation initiatives, and the increased attack surface created by cloud migration and AI adoption.

AI is Bifurcating the Market: The study identifies a widening skills bifurcation. Organizations are increasingly seeking professionals with AI/ML security skills, yet fewer than 18% of current practitioners have formal training in either area. This skills mismatch is contributing to paradoxical outcomes: record layoffs in some segments while critical roles remain unfilled for months.

Entry-Level Hiring Collapsed: One of the study's most alarming findings is a 34% decline in entry-level cybersecurity hiring from Q4 2023 to Q4 2024. Organizations cutting entry-level positions while complaining about the pipeline shortage. "The industry is eating its own future," the report states bluntly.

Diversity Declining: For the first time in the study's five-year history, representation of women and underrepresented minorities in cybersecurity declined year-over-year. Women now represent 24% of the global cybersecurity workforce, down from 25% in 2024.

Regional Disparities

The Asia-Pacific region accounts for 2.1 million of the 4.8 million gap. Sub-Saharan Africa has the highest growth in cybersecurity professional demand (67% year-over-year) but the lowest supply growth (12%). The US gap, at approximately 500,000, has stabilized but not improved.

What Organizations and Policymakers Can Do

The report recommends expansion of apprenticeship and paid internship programs, industry-wide adoption of skills-based hiring criteria rather than degree requirements, increased investment in cybersecurity education at the secondary and community college level, and immigration pathway reform to facilitate movement of cybersecurity talent across borders.

Source attribution: via ISC2. HackWire aggregates and contextualizes publicly reported cybersecurity news for informational purposes.

Global Cybersecurity Workforce Gap Reaches 4.8 Million: New ISC2 Study Highlights Diversity Crisis

Key Findings

Regional Disparities

What Organizations and Policymakers Can Do

CISA Issues Emergency Directive ED-25-02: Ivanti Connect Secure Exploitation Ongoing

EU Cyber Resilience Act Enters Enforcement Phase: Manufacturers Face Fines Up to 15 Million Euros