Number of Employed Cybersecurity Professionals (2026)

Millions work in cybersecurity across the globe.

Yet recent data shows signs of growth stagnation, persistent skill shortages, and skewed demographics.

Below, we’ll explore the data in further detail.

Top Cybersecurity Employment Statistics

Number of Workers in Cybersecurity Roles in the US

In 2026, there are an estimated 1,337,400 workers employed in cybersecurity-related jobs in the US.

Source: Cyberseek

How Many Employed Cybersecurity Professionals Are There?

According to the most recent estimates, there are approximately 5.5 million people currently working in cybersecurity worldwide.

That total represents just a 0.1% increase from 2023 (but a 17% increase since 2022).

This slower year-over-year growth shows that we’re seeing a cooling from the sharp expansion seen in 2022, when widespread investment in security teams drove a surge in hiring. Even so, the cybersecurity workforce continues to grow at a pace that outstrips many other technology sectors.

At a high level, demand growth has moderated over the last few years. However, the overall trend line remains pointing upward, with organizations continuing to expand their security capabilities in response to evolving threats, like AI attacks.

Source: ISC2

Over the past year, cybersecurity teams have observed a decline in hiring and advancement opportunities.

According to 39% of cybersecurity managers, shortages are most commonly caused by a lack of budget. This has overtaken “replacing a shortage of talent” as the top reason.

Budget cuts have reduced funds further, with over a third of respondents (37%) experiencing cutbacks. That’s an increase of 7% over the previous year.

As a possible ripple effect, 1 in 4 cybersecurity employees have observed layoffs (that’s a 3% increase vs. 2023’s figures).

And on a similar note, 38% have seen hiring paused, and 32% have noted fewer promotions (up 6% in the last 12 months).

As a result, it’s unsurprising that cybersecurity job satisfaction is on the decline.

The proportion of cybersecurity employees who are content with their work has dropped from 74% in 2022 to 70% in 2023, and most recently, 66% in 2024.

Nonetheless, that figure remains higher than the average US job satisfaction rate of 51%.

Sources: ISC2, Pew Research Center

Workforce Shortages & Unfilled Roles

Cybersecurity staffing scarcity remains high, with around 2 in 3 (67%) organizations reporting a shortage. That’s despite a recent dip from 69% in 2022.

An alarming 58% claimed that their organizations are at significant risk as a result of understaffing in cybersecurity, up 1% from 2023.

In total, there is a cybersecurity workforce gap of approximately 4.8 million. That’s a 41% increase on 2022’s 3.4 million and a 20% increase on 2023’s 4 million.

Looking at individual countries, China has the largest reported workforce gap at over 2 million. That figure has increased by 19% since 2023, yet it’s far from the biggest change.

With a 77.9% increase, South Korea has seen the largest widening in the workforce gap, closely followed by Australia (71.3%).

Of the 20 assessed countries, just 5 saw the workforce gap cut. The biggest shift towards satisfying cybersecurity job vacancies occurred in Brazil, with a 7.5% change in the right direction.

Here’s a breakdown of the cybersecurity workforce gap by country:

Country2023 Workforce Gap2024 Workforce GapChange Over Previous Year
China1.721 million2.048 million↑ 19%
India790k1.074 million↑ 35.9%
US483k504k↑ 4.4%
Brazil232k215k↓ 7.5%
Japan110k170k↑ 53.8%
Germany105k120k↑ 15%
Mexico116k114k↓ 2.1%
UK73k93k↑ 27.1%
Spain74k73k↓ 1.7%
France59k69k↑ 17%
South Africa57k63k↑ 10.1%
Australia28k48k↑ 71.3%
Canada39k38k↓ 1.2%
UAE32k35k↑ 9.7%
South Korea18k31k↑ 77.9%
Netherlands29k29k↓ 1.6%
Saudi Arabia14k18k↑ 26.8%
Nigeria8k9k↑ 5.7%
Ireland7k8k↑ 9.2%
Singapore4k5k↑ 17.7%

Latin America (5.7% drop) is the only region that has experienced a decline in the cybersecurity workforce gap since 2023.

Here’s the cybersecurity workforce gap by region:

Region2023 Workforce Gap2024 Workforce GapChange Over Previous Year
Asia-Pacific2.67 million3.375 million↑ 26.4%
North America522k543k↑ 4%
Europe348k392k↑ 12.8%
Latin America348k328k↓ 5.7%
Middle East & Africa112k125k↑ 11.8%

Source: ISC2

Cybersecurity Skills Gap

Around 9 in 10 organizations have skills gaps within their cybersecurity setup

According to ICS2, more than one-third (41%) see AI/ML as the most notable skill absent from their team. Cloud computing security (36%) and risk assessment (29%) make up the rest of the top three.

Below is a list of the top skills currently lacking in cybersecurity teams:

RankTechnical SkillProportion of Organizations Lacking Skill
1AI/ML41%
2Cloud computing security36%
3Risk assessment29%
4Application security28%
=5Security engineering and governance27%
=5Risk and compliance (GRC)27%
7Security analysis26%
=8Threat intelligence analysis24%
=8Zero trust24%
=8Penetration testing24%

Fortinet also reports that “finding candidates with AI experience in cybersecurity” is the biggest recuiting challenge (60%).

The report also found that 91% of IT recruiters prefer to hire candidates with technology-focused certifications. That’s up from 89% in 2024.

Education has the largest reported skill gap (96%), closely followed by construction (94%) and healthcare (94%).

This is how each industry compares in terms of cybersecurity skills shortages:

RankIndustryTotal Reported Skill GapCritical Reported Skill Gap
1Education96%18%
=2Construction94%20%
=2Healthcare94%20%
4Real Estate93%15%
=5Nonprofit92%16%
=5Aerospace92%19%
=5Telecommunications92%19%
=5Non-Security Software/Hardware Development92%15%
=5Food/Beverage/Hospitality/Travel92%16%
=5Government92%20%
=11Manufacturing91%17%
=11Energy/Power/Utilities91%14%
=11Insurance91%12%
=14Military/Military Contractor90%19%
=14IT Services90%17%
=14Transportation90%17%
=17Financial Services88%13%
=17Hosted/Cloud Services88%12%
=17Automotive88%14%
=20Retail/Wholesale87%17%
=20Entertainment/Media87%17%
=20Consulting87%12%
=20Engineering87%15%
24Security Software/Hardware Development84%13%
25Legal83%11%

Sources: ISC2, ISC2 (2), Fortinet

Valued Cybersecurity Skills

There is a disparity between the skills hiring managers value and the skills cybersecurity professionals think they value.

For example, only 12% of hiring managers are actively seeking AI/ML skills, yet 23% of professionals believe those skills are in demand.

Similarly, only 19% of cybersecurity professionals think curiosity and eagerness to learn are in-demand skills, yet 26% of hiring managers actively seek these soft skills.

Above all else, strong problem-solving abilities are the most sought-after skills, with 31% of hiring managers prioritizing them. Fortunately, cybersecurity professionals are largely aware of it, with 28% agreeing it is in demand.

Here’s how cybersecurity skills are valued by hiring managers compared to professionals:

Cybersecurity SkillHiring Managers Seeking SkillCybersecurity Professionals Who Think Skill is in Demand
Strong problem-solving abilities31%28%
Teamwork and collaboration skills28%21%
Curious/eager to learn26%19%
Strong communication skills25%31%
Cloud computing security19%30%
Strong strategic thinking skills17%16%
Zero-trust implementation14%17%
Security engineering14%13%
GRC13%19%
Strong project management skills12%8%
AI/ML12%23%
Security analysis11%8%
Time management and organisation11%8%
Application security11%11%
Security administration10%7%
Emotional intelligence10%7%
SecOps8%10%
ID and access management8%9%
Zero trust implementation8%14%
Leadership abilities7%10%

According to the latest data, 71% of cyber recruiters have formal targets for hiring
from underutilized talent pools.

Sources: ISC2, ISC2 (2), Fortinet

Regional Comparisons

According to the latest figures, the US has the largest active cybersecurity workforce (approximately 1.3 million). That’s despite a 3% drop from the 12 months prior.

In fact, the US still has more cybersecurity employees than the second (Brazil – 752k) and third-largest (Japan – 500k) workforces put together.

Here’s a breakdown of cybersecurity workforce sizes across the globe:

Country2023 Workforce2024 WorkforceChange Over Previous Year
US1.339 million1.299 million↓ 3%
Brazil749k752k↑ 0.4%
Japan481k500k↑ 4%
Germany456k439k↓ 3.7%
Mexico436k422k↓ 2.7%
UK367k349k↓ 4.9%
South Korea264k273k↑ 3.3%
France217k230k↑ 6.1%
Spain182k188k↑ 3%
South Africa178k197k↑ 10.7%
Canada157k156k↓ 0.8%
UAE144k149k↑ 3.4%
Australia139k146k↑ 5.5%
Singapore77k78k↑ 1.3%
Netherlands68k73k↑ 8%
Saudi Arabia54k60k↑ 10.9%
Nigeria26k26k↑ 0.2%
Ireland19k21k↑ 5.8%

Together, the Middle East & Africa have seen the largest increase in the cybersecurity workforce (7.4%). The two regions have grown considerably in the space of a year, largely thanks to:

The Asia Pacific region has also seen its cybersecurity workforce increase, while North America, Europe, and Latin America have each seen overall declines.

Here is the cybersecurity workforce split by regions:

Region2023 Workforce2024 WorkforceChange Over Previous Year
North America1.496 million1.455 million↓ 2.7%
Europe1.31 million1.3 million↓ 0.7%
Latin America1.286 million1.274 million↓ 0.9%
Asia Pacific960k997k↑ 3.8%
Middle East & Africa402k431k↑ 7.4%

Given the drop-off in cybersecurity employees in the US, it is no surprise to see that demand for cybersecurity talent is also waning. 

Recent data from LinkedIn reveals that demand for cybersecurity professionals is down 5.4% year-over-year. That’s almost matched by Singapore (4.9% decrease) and France (4.5% decrease).

However, on the other end of the spectrum, Brazil (11.2% increase), Germany (11% increase), and Poland (6.2% increase) have all experienced greater demand for cybersecurity employees between 2021 and 2024.

Based on the share of job postings, Singapore has the largest concentration of demand, making up almost 5% of all advertised openings. In other words, nearly 1 in 20 cybersecurity job listings on LinkedIn are Singapore-based. That’s more than the UK (2.37%) and the US (2.07%) combined.

This is how the top countries by share of cybersecurity job postings compare:

CountryShare of Cybersecurity Job Postings
Singapore4.64%
Poland3.48%
Germany2.83%
Spain2.76%
Australia2.57%
India2.49%
UK2.37%
Italy2.35%
Brazil2.27%
Mexico2.14%
Netherlands2.11%
US2.07%
Canada1.89%
France1.66%

Sources: ISC2, LinkedIn

Demographics: Gender, Age, Ethnicity, Education

Gender

The cybersecurity space remains male-dominated, with only approximately 1 in 6 (16.8%) of the global workforce comprised of women.

Since 2010, the proportion of women in cybersecurity jobs has trended downwards, falling considerably from 26.42%.

Around 1 in 4 (26.7%) cybersecurity professionals in Italy are women – the highest proportion from the assessed countries, just ahead of Singapore (26.2%).

Here’s a look at the proportion of women in the cybersecurity workforce, split by nation:

CountryShare of Women in Cybersecurity Workforce
Italy26.7%
Singapore26.2%
Canada21.2%
India20.9%
Mexico19.9%
Brazil19.7%
Australia19.1%
US18.3%
UK17.9%
Spain17.5%
Poland17.2%
France16%
Netherlands15.9%
Germany14.6%

And here’s how the proportion of women in cybersecurity has shifted in the space of a year:

CountryChange in Share of Women in Cybersecurity Workforce
Brazil4.45%
Poland3.55%
Germany3.11%
Netherlands2.38%
UK2.34%
France2.3%
Canada2.12%
Australia1.92%
India1.6%
Italy1.44%
US1.22%
Spain1.04%
Mexico0.4%
Singapore0.08%

Interestingly, there is a clear divide between men and women when it comes to specific cybersecurity roles. For instance, informatics nurse specialists, clinical support specialists, and clinical administrators are areas of work dominated by women.

Female-dominated cybersecurity jobs:

Male-dominated cybersecurity jobs:

Age

The average cybersecurity specialist is 42.4 years old.

There isn’t a significant variance between the average ages for different genders or races. 

Nonetheless, the oldest group is white females, who are an average of 47 years old, compared to white males, who average 42 years of age.

At an average of 37 years old, the youngest group is Hispanic/Latino females. That’s 4 years younger than the equivalent male group (41 years old).

The majority (60%) of cybersecurity specialists are over 40 years old. Another approximately 30% are aged 30 to 40. And just 11% are between the ages of 20 and 30.

Ethnicity

Around 2 in 3 (65.7%) cybersecurity professionals are white. That figure has slowly dropped from 76% in 2010, with the field becoming slightly more diverse.

This is how the cybersecurity workforce is split by ethnicity:

Ethnicity2010 ProportionLatest ProportionChange
White76%65.7%↓ 10.3%
Asian7%9.6%↑ 2.6%
Black/African American8%9.2%↑ 1.2%
Hispanic/Latino6%9%↑ 3%
Unknown6.1%
American Indian/Alaska Native0.4%

Education

A Bachelor’s degree (obtained online or in-person) is the most common type of degree obtained by cybersecurity professionals – over half (56%) of all cybersecurity specialists have one.

In total, 96% of cybersecurity specialists have some form of higher education.

Here’s a breakdown of degree levels within the cybersecurity industry:

DegreeProportion
Bachelor’s56%
Associate23%
Master’s14%
High School Diploma4%
Other Degrees3%

In the US, just under 3 in 4 (72.94%) cybersecurity professionals hold a Bachelor’s degree or higher.

Here’s the proportion of cybersecurity professionals with Bachelor’s degrees:

CountryShare of Transitions into Cybersecurity Jobs by Bachelor’s or Higher Degree Holders
India85.06%
Singapore78.8%
Mexico77.79%
France73.91%
Canada73.24%
US72.94%
Australia72.41%
Germany69.3%
Netherlands68.76%
Brazil67.54%
Poland65.35%
Spain65.28%
UK64.22%
Italy62.52%

Sources: Zippa, ISC2, LinkedIn

Pay & Position Disparities

Education

Unsurprisingly, there is a strong correlation between the level of education and wages in cybersecurity.

Those with an Associate’s degree or some form of College degree take home $81,263 every year.

By comparison, professionals with a Bachelor’s degree as their highest form of education earn $93,788 per year, or around 15.4% more.

While cybersecurity specialists with a Master’s degree (both online and in-person) average $102,065 a year, 8.1% more than Bachelor’s degree holders, and 25.6% more than professionals with Associate’s degrees.

And this disparity is likely to widen. In the US, nearly all (94.38%) cybersecurity job openings require a 4-year degree. That figure is nearly 5x higher than any other country.

Here’s a look at the proportion of cybersecurity job postings that do not require a 4-year degree:

CountryShare of Cybersecurity Job Postings Not Requiring a 4-Year Degree
US5.62%
Mexico1.06%
Canada0.94%
Poland0.78%
Germany0.55%
Italy0.54%
India0.38%
France0.37%
Australia0.3%
Singapore0.29%
UK0.22%
Netherlands0.17%

Just under 1 in 3 (31%) organizations have no entry-level professionals working in their security teams.

This figure rises among small businesses, where 36% of organizations with fewer than 500 employees report having no capacity for entry-level cybersecurity staff. In these cases, limited budgets and leaner IT teams often mean that cybersecurity responsibilities are consolidated into existing roles rather than dedicated to new hires.

The absence of entry-level positions in smaller organizations reduces opportunities for new professionals to gain practical experience, which in turn contributes to some of the broader workforce shortages the industry is currently seeing.

Organizations with no entry-level or junior-level professionals within their security team:

Organization SizeNo Entry-LevelNo Junior-Level
Under 500 Employees36%21%
500-5,000 Employees30%14%
5,000+ Employees27%11%
All Organizations31%15%

Gender

There is an estimated 15% gender pay gap in the US. However, in cybersecurity, the difference is less pronounced.

On average, men working in cybersecurity earn $95,889 per annum, averaging around 4.6% more than women ($91,462 per annum).

Ethnicity

There are more notable differences in cybersecurity earnings when it comes to ethnicity.

Asian cybersecurity specialists outearn the rest of the population, averaging just over $100,000 each year. That’s 6.6% more than Black or African American cybersecurity employees ($93,506).

Here’s how cybersecurity wages vary depending on ethnicity:

EthnicityWages
Asian$100,135
White$97,753
Hispanic/Latino$95,522
Black/African American$93,506
Unknown$92,724

Sources: Zippa, LinkedIn, Pew Research Centre

Conclusion

Despite employing over 5.5 million professionals globally, the cybersecurity industry continues to face a variety of challenges.

While certain regions have seen workforce growth, overall global hiring momentum is slowing, and job satisfaction is declining.

Without greater investment in talent development, diversity, and equitable access to entry-level roles, growth may continue to stagnate.