Cyber-crime is big business. The fact is that securing online systems can be terribly difficult. Software is complex and ensuring that there are no easily exploitable vulnerabilities in your online systems takes constant vigilance. Security testing alone won't protect you. Secure architecture alone won't protect you. Continuous static code analysis alone won't protect you. It takes all of the above and more.
You need security awareness across all facets of your business. You need security-aware software architects and developers, as well as security-aware product management, project management, SDLC management and C-level leadership and indications are that they will become more and more expensive and hard to find over the course of the foreseeable future.
Cyber-security labor crunch to hit 3.5 million unfilled jobs by 2021
"Every IT position is also a cybersecurity position now" according to the Cybersecurity Jobs Report, 2017. "Every IT worker, every technology worker, needs to be involved with protecting and defending apps, data, devices, infrastructure, and people."
This article from September 2016 shows that the industry hit a zero-percent unemployment rate at that time, with over 1 million un-filled positions. That's a actually a substantial negative unemployment rate. It's been almost a year since, and the demand is only rising.
This trend should be alarming to business owners and IT directors. If you are involved in IT then you should be building hiring and retention policies that will make you competitive in the security-focused job market. Cyber-security experts, developers and architects earning quite a bit more than their supervisors and managers is something we all need to get used to.