CM
Research & Data

The Numbers Behind the Problem

Every statistic on CyberMatch is backed by industry research. Here are the numbers that expose how cybersecurity hiring is broken.

4.8M
Unfilled cybersecurity roles globally

The global cybersecurity workforce gap has reached 4.8 million unfilled positions, with demand continuing to outpace sup...

[ISC2, 2025]
67%
Of organizations are short on cybersecurity staff

Two-thirds of organizations report having insufficient cybersecurity staff to adequately protect their environments, lea...

[ISC2, 2025]
88%
Of qualified candidates are screened out by automated systems

ATS (Applicant Tracking System) keyword matching rejects the vast majority of qualified applicants who don't precisely m...

[Harvard/Accenture, 2021]
71%
Of entry-level postings require CISSP (a cert that demands 5 years experience)

CISSP requires 5 years of paid professional experience to earn, yet it appears as a requirement in 71% of postings label...

[Albin Paul, 2024][N2K, 2024]

The Reality Gap at a Glance

Hiring Requirements vs. Reality

Entry-level jobs requiring CISSP71%

CISSP requires 5 years experience to earn

Jobs accepting 0-1 years experience15%

Despite claiming to need junior talent

Automated Screening Impact

Qualified candidates filtered out by ATS88%
Organizations with critical skills gaps59%

Up from 44% last year

Detailed Research by Category

The cybersecurity talent shortage is real — but it's made worse by how companies hire, not just how few professionals exist.

4.8M

Unfilled cybersecurity roles globally

The global cybersecurity workforce gap has reached 4.8 million unfilled positions, with demand continuing to outpace supply across every region and specialization.

[ISC2, 2025]
67%

Of organizations are short on cybersecurity staff

Two-thirds of organizations report having insufficient cybersecurity staff to adequately protect their environments, leading to increased risk and burnout among existing teams.

[ISC2, 2025]
59%

Have critical or significant skills gaps (up from 44%)

The severity of skills gaps is worsening — nearly 6 in 10 organizations now report critical or significant gaps in their security teams' capabilities, a sharp rise from 44% in the previous year.

[ISC2, 2025]

Sources & Citations

1

2025 ISC2 Cybersecurity Workforce Study

ISC2 (2025)

View source
3

Cybersecurity Hiring Trends: Skills Deep Dive

ISC2 (2025)

View source
4

State of Cybersecurity Report

ISACA (2024)

View source
5

Hidden Workers: Untapped Talent

Harvard Business School / Accenture (2021)

View source
6

Cybersecurity Recruitment Mistakes: HR & Skill Shortages

Albin Paul (LinkedIn analysis) (2024)

View source
7

Cybersecurity Hiring Likely to Pick Up in 2025, but Challenges Remain

Dice.com (2025)

View source
8

The Future of Recruiting 2025

LinkedIn Talent Solutions (2025)

View source
9

The Problem With Today's Cybersecurity Job Descriptions

N2K (formerly CyberVista) (2024)

View source
10

Occupational Employment and Wage Statistics — Information Security Analysts

U.S. Bureau of Labor Statistics (2024)

View source
11

Cybersecurity Supply/Demand Heat Map

CyberSeek (NICE/NIST, Lightcast, CompTIA) (2025)

View source
12

Cybersecurity Hiring: Non-Technical Skills Are Now King

Intelligent CISO (2025)

View source
13

Cybersecurity Salary Guide 2026

HADESS (2026)

View source
14

Cybersecurity Graduate Unemployment Analysis

Programs.com (2025)

View source

Ready to fix your job descriptions?

Use CyberMatch to analyze your JDs against industry benchmarks and get actionable recommendations.

Analyze Your JDSee The Wall