Cybersecurity continues to be a significant threat for governments, businesses and individuals around the world. From supply chain disruptions to ransomware attacks, cybercriminals have become increasingly sophisticated and the threat landscape more diverse. These cybersecurity challenges are compounded by a workforce shortage; there simply aren’t enough people with the cybersecurity skills needed to fill open jobs.
This is a global problem. By 2025, there will be 3.5 million cybersecurity jobs open globally, representing a 350% increase over an eight-year period, according to Cybersecurity Ventures.. We recently announced a national skilling campaign in the United States, where for every two jobs in cybersecurity today, a third goes unfilled. We’re working with community colleges to help close the gap and increase diversity in the profession. Today, Microsoft is announcing the expansion of our cybersecurity skills campaign to an additional 23 countries.
The expansion will see new targeted investments in the following countries: Australia, Belgium, Brazil, Canada, Colombia, Denmark, France, Germany, India, Ireland, Israel, Italy, Japan, Korea, Mexico, New Zealand, Norway, Poland, Romania, South Africa, Sweden, Switzerland, and the United Kingdom. These countries have an elevated cyberthreat risk, coupled with a significant gap in their cybersecurity workforces both in terms of the number of professionals employed in cybersecurity vs. the demand, as well as a lack of diversity.
Based on our research, we’ve created a Power BI to shed light on the cybersecurity skills gap in these countries:
As with our U.S. program, one of our goals is to ensure traditionally excluded populations have opportunities to enter the cybersecurity workforce, including women. The global cybersecurity workforce is woefully lacking in diversity: in the countries where we are expanding our campaign, on average, only 17% of the cybersecurity workforce are female. Leaving women out of the cybersecurity workforce leaves talent on the table and will only hurt our ability to close the skills gap. This isn’t just about equality, there’s a business case too: gender-diverse businesses perform better.
Global scale, meeting local needs
To address the cybersecurity skills gap, there are a few baseline elements that are needed around the world:
First, we need to better understand the skills gap and share best practices. As a broader community, we can’t solve a problem we don’t fully understand, which is why Microsoft is launching a new partnership with the Organization for Economic Cooperation and Development (OECD) to not only develop a detailed study on the skills gap in selected countries but also improve the ability to grow cybersecurity workforces through postsecondary education and training. Together with the OECD, we will make this data publicly available to allow both policymakers and businesses to make more informed decisions, and we will convene member countries to share learnings and best practices.
Second, anyone interested in pursuing cybersecurity as a career – whether students, people changing careers or current IT professionals – need access to industry-aligned skilling content so that they can train for these critical roles. That is why, as part of this expansion, we are offering free training for cybersecurity pathways through our LinkedIn Learning platform, including courses like “The Cybersecurity Threat Landscape” and “Cybersecurity Foundations.” Additionally, learners seeking more technical skilling opportunities can access free security courses through our Microsoft Learn platform with 47 Learning Paths and hundreds of hours of content.
Third, educational institutions need more teachers able and equipped to teach cybersecurity students, which is why we are partnering with educational institutions to provide curriculum. Through our Microsoft Learn for Educators program, we are providing all higher education institutions with access to free curriculum, educator training and tools for teaching, including coursework like Microsoft Security, Compliance and Identity Fundamentals, Microsoft Azure Security Technologies certification and more. We also provide faculty at all these institutions with access to additional resources including free practice and certification exams, curriculum integration support and more. To date, more than 1,000 institutions of higher education around the world have joined the program.
Fourth, we need to provide support to diverse and underserved job seekers. That’s why we are partnering with Ecole 42, a tuition-free global computer science training program with a mission to educate the next generation of software engineers, to make Microsoft cybersecurity content available to its 15,000 learners globally, using peer-to-peer learning and gamification. We’re also launching a partnership with Women in Cybersecurity, a nonprofit with the mission of recruiting, retaining and advancing women in cybersecurity, to expand their student chapters in these 23 countries, helping promote the retention and advancement of women in cybersecurity.
Finally, the cybersecurity skills gap will not be solved with a one-size-fits-all solution. In each of the countries where we are expanding our campaign, Microsoft will work with local education institutions, nonprofits, governments and businesses to develop a cybersecurity skills program that fits the unique needs of their own market – anchored in data about the cybersecurity skills gap in each country. That said, we are building the framework based on a common set of needs, and ensuring we expand access to tools we have available today.
Global expansion
Work is already underway. Here are just a few examples, and we’ll share more details about countries’ plans in the coming weeks and months:
In Colombia, the government has embarked on an initiative to increase its national cybersecurity capacity, including the implementation of professional training programs in areas such as digital security, information security, cybersecurity and critical infrastructure. Our cybersecurity skills work in Colombia will support this effort, helping people acquire cybersecurity and digital skills needed for in-demand jobs. That’s why we’re working with Servicio Nacional de Aprendizaje (SENA), a Colombian public institution that provides free vocational training to millions of Colombians, the Universidad de los Andes, a major private university in Colombia, and local nongovernmental organizations, to offer a “train the trainers” program to equip more than 68,000 Colombians, including 20,000 women, with the skills needed to help fill the many open cybersecurity jobs.
In India, we’re building off our existing CyberShikshaa program, which is helping break down the gender divide in the cybersecurity field. Since 2018, we have helped young women with technical training in cybersecurity with mentoring from industry experts, especially from women leaders in the field, followed by job placement assistance with leading companies. By 2025, the cybersecurity sector in India will have an estimated 1.5 million job vacancies. This represents a 42% talent shortage even as cybersecurity job growth is projected to grow by 32% by 2028, according to India’s Labor Bureau. The demand is there, but more must be done to meet it; most higher-education and technical institutes do not offer cybersecurity courses.
That’s why we have also partnered with ICT Academy, a nonprofit partner in India, to develop cybersecurity training programs for educators and higher-education students at 100 institutions in five states, with an emphasis on rural colleges. Through this initiative, CyberShikshaa for Educators, we’ll help more faculty become cybersecurity trainers, and then provide students cybersecurity training and job placement assistance to help them find new careers. In the first phase, we aim to train about 6,000 students and will then work with our partner network to connect students to job opportunities and internships.
A look at our U.S. progress – and a look to the future
In the five months since we announced our U.S. cybersecurity skills for jobs campaign, we are making progress. Today, we are working with 135 U.S. community colleges, providing access to free curriculum, educator training and tools for teaching. We’re sharing cybersecurity best practices with schools through the American Association of Community Colleges, the first of three cohorts we are providing grants for funding technical assistance to accelerate their cybersecurity programs. Finally, we’re granting scholarships to students seeking a degree or certification in a cybersecurity field. We are learning a lot and will share more in the months to come.
The number of cybersecurity attacks around the world is increasing every day, and increasing in complexity as cybercriminals continue to escalate their activity. People will be impacted no matter where they live. It’s critical that we invest in the cybersecurity workforce to ensure there are enough people with the skills needed to thwart these attacks and protect the digital ecosystem to keep organizations secure and people safe.