Back To Resource Center

Published: December 29, 2023

Security 3-2-1 Week of 12/29/23

By Annie articles

3 Interesting Articles

Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers
Dark Reading: Despite concerns of a cybersecurity worker shortage, the reality in the industry shows a mismatch between companies’ needs and job seekers’ qualifications. Companies struggle to find knowledgeable cybersecurity professionals, with a current workforce fulfilling only 72% of the demand. However, job seekers argue that companies set unrealistic requirements, with about 85% of job postings demanding a bachelor’s degree, despite only 60-70% of current cybersecurity workers holding one. This has led to a situation where only those with the right education, skills, and network find success, while many others struggle to find opportunities. In the upcoming year, the cybersecurity job market is expected to be impacted by recent economic tightening, potentially leading to a decrease in demand. While the threat landscape continues to evolve and geopolitical tensions rise, the need for cybersecurity remains critical. The challenge lies in reconciling the gap between the available workforce and the specific skills and qualifications companies are looking for. As a result, both job seekers and companies need to adjust expectations and strategies to effectively address cybersecurity needs in a changing economic and digital landscape. Alternative solutions, like TalPoint, offer both companies and expert talent a way to bridge the gap.

Top 5 Cybersecurity Mergers and Acquisitions 2023
Infosecurity Magazine: The cybersecurity market is anticipated to grow from $153.6 billion in 2022 to $424.9 billion by 2030. However, the global economic downturn has led to budget cuts and staff layoffs in this sector. In 2023, mergers and acquisitions (M&A) in cybersecurity saw a decline in both volume and value, with a cautious approach being observed in the market due to high asset values and increasing capital costs. Despite the cybersecurity sector being relatively young and fragmented, it’s anticipated to see significant M&A activity in the future as the market matures and company valuations stabilize. This anticipated consolidation aims to create more streamlined and comprehensive offerings for customers. Among the significant M&A deals in 2023 were a digital communications giant’s record $28 billion acquisition of a cybersecurity and observability firm, a French aerospace and defense firm’s $3.6 billion purchase of a US cybersecurity company and a private equity giant’s completion of its $2.3 billion acquisition of ForgeRock, an identity and access management company. These deals highlight the ongoing strategic importance and dynamism of the cybersecurity industry, despite current economic challenges.

Why 2024 will be the year of the CISO
CSO: In 2023, Chief Information Security Officers (CISOs) grappled with unprecedented challenges and heightened legal exposure. Key incidents include Joe Sullivan, ex-CISO of Uber, receiving a 3 year probation for not reporting a data breach, and Tim Brown of SolarWinds facing SEC fraud charges. CISOs are adapting to complex new regulations like the SEC’s cyber-incident reporting mandate and the EU’s NIS2 directive, both of which intensify the focus on risk management and business continuity across various sectors. Looking ahead to 2024, the CISO role is poised for major transformations. The sector is bracing for a potential shortage due to job stress and legal risks, potentially driving a spike in salaries and benefits to attract skilled professionals. Organizational shifts are expected as well, with more CISOs likely to report directly to CEOs, playing a larger role in corporate governance and compliance. Finally, the CISO role might be split into two distinct functions: one focusing on business and regulatory compliance, and the other on technical cybersecurity operations, to better manage the growing complexities in cybersecurity and digital infrastructure.

2 Stats You Should Know

The cybersecurity labor market remains tight with a supply-demand ratio of only 69%. (source)

Joseph Lewis Popp was a ransomware pioneer. In 1989, he allegedly mailed floppy disks to recipients in the UK which were labeled “AIDS Information Introductory Diskette”, but contained the AIDS trojan which demanded $189 to “renew the license” by sending payment to a post office box in Panama. (source)

1 More Thing

We are grateful for your support and partnership throughout this year. As the New Year unfolds, we wish you health, joy, and prosperity. May 2024 be your best year yet!

Our large and diverse network of experts is here to help...

Charles M.


Charlies is a 14 year cyber security expert. He started his career in the U.S. armed forces and then transitioned into commercial roles. A security engineer by training, he's well-versed in tool deployment and administration.

Ellen K.

GRC Expert

Ellen bring a decade of GRC expertise to the TalPoint community. She's knowledgeable on a variety of frameworks and employs a methodical approach to compliance. She's available for needs assessments, gap assessments, internal audits, and for certain frameworks running independent 3rd party audits.

Zachary C.

Founder and CRO

Zachary bring a 20+ year career in risk management to the TalPoint community. He's worked across healthcare, finance, and supply chain manufacturing. His broad experience offers both a holistic view of risk as well as a common sense approach to risk management.