During layoffs and hiring freezes, when shortsighted businessmen choose temporary savings over long-term wins, visionary employers are scooping up top cyber talent.
Mass layoffs, hiring freezes, market uncertainty, and rushed AI integration crack businesses wide open to cyberattacks. Visionary leaders, however, can see the current situation as a rare opportunity to snatch talent in between jobs.
Current cybersecurity landscape
Cybersecurity is no longer on the margins. Reactive approach to cyber incidents is being replaced by proactive measures to prevent cyberattacks. But while the necessary tools and innovation to fend off attackers might be in place, specialists are nowhere to be found. And the situation is getting even worse every year.
According to The 2024 ISC2 Cybersecurity Workforce Study, the cybersecurity workforce gap is around 4,8 million, or 19% higher than the previous year. I would expect the demand will keep outpacing talent supply because of two main reasons:
- Businesses favor AI over inexperienced workers. According to a 54‑page Stanford paper titled “Canaries in the Coal Mine? Six Facts about the Recent Employment Effects of Artificial Intelligence,” employment among early‑career workers (ages 22–25) in AI‑exposed sectors—such as software engineering and customer service—fell by about 13%. More experienced workers who could oversee AI are needed. But not all companies recognize the need to grow and upskill talent themselves.
- AI is being implemented hastily by organizations and threat actors alike. Companies are eager to deploy AI tools to pursue the promising opportunities these technologies offer, often without realizing that doing so introduces additional security risks. Attackers, in turn, leverage AI at scale to automate the discovery and exploitation of vulnerabilities.
Recently, the The World Economic Forum (WEF) urged companies to implement cybersecurity measures at the speed of AI implementation as “AI introduces risk at the same rate as it introduces efficiencies.” They say security has to be a part of the strategic business roadmap.
But given there aren’t enough specialists, is that easier said than done? Let me make a brief detour and give you a quick overview of the current job market to show that hope is not lost just yet.
What’s happening with the job market and why it matters
If you asked me to describe it in one word, I’d say: uncertainty. Between market frenzy and AI‑bubble talk, and a rush to cut operational costs, employers seem unable to settle on a long‑term hiring strategy.
In the US, 7.2 million people (about 4.3%) are unemployed. Federal and AI-related layoffs, global trade tensions, and AI‑fueled uncertainty have left tens of thousands struggling to find jobs despite months of searching.
But businesses with a long‑term vision see opportunity. The talent pool has grown, making it easier to find the right candidate. Cybersecurity insiders say people are now more willing to relocate for work, and many value stability over salary—often accepting raises of only 3–4% instead of the 10–15% that was typical before.
Time to tap the bigger talent pool
AI is already replacing many intern tasks, especially in IT roles like programming, and companies are automating other functions such as customer support. But treating this shift as a looming catastrophe would be a mistake.
While AI automates some tasks and renders certain roles redundant, it also creates new jobs — and cybersecurity stands out as a clear growth area. Cybernews’s in‑house investigations show that automation has, so far, introduced fresh security risks for organizations. For example, Lenovo’s chatbot Lena could be compromised, giving attackers a way into internal systems.
Our researchers even outsmarted Meta AI, showcasing even the biggest players need more input and talent when it comes to the security of their systems.
As autonomous AI agents become capable of solving problems and acting on users’ behalf, the attack surface that cybersecurity teams must defend will only expand.
“Cybersecurity is one of those rare fields where AI creates more work than it automates away,” a security insider told me.
We will not only need more people to defend our systems, but we will need more highly skilled people. In the short term, market turmoil may give employers a larger candidate pool, but that’s no substitute for a long‑term talent strategy.
To meet future business needs, we must invest in young people now. Some intern tasks can be automated, but hiring and training juniors remains essential. Firms that focus solely on short‑term savings risk losing out — it’s wiser to invest in the next generation of talent.
ISC2 highlighted that investing in entry-and junior-level talent is key to building a more resilient cybersecurity workforce.
The more we automate, the more human input we’ll need. When searching for talent, cherish non‑technical skills like problem‑solving, analytical thinking, and a willingness to learn on the job.
In the age of AI, prioritize people.
