Ready to Start Your Career?

Cybersecurity Skills Gap Analysis

Darcy Kempa's profile image

By: Darcy Kempa

June 11, 2021

A skills gap analysis is one tool that can be used to improve an organization’s cybersecurity position. It is a measurement between a current level of performance and a desired level of performance. While the analysis will focus on employee skills, it can uncover problems with a company’s policies, hiring practices, or training programs. This analysis can be time-consuming, but the benefits can provide significant savings and a roadmap for success.

Cybersecurity Skills Gap Analysis

This analysis focuses on employees working in cybersecurity. These can be engineers, technicians, penetration testers, etc. These people may be identified by the word “cybersecurity” in a job title or position description. They may also be identified in an organizational chart if the business has a specific cybersecurity department or if cybersecurity is listed as a role under a different department like IT.

The methodology defined in this article does not follow many traditional precepts. It does, however, provide an easy-to-understand approach to the subject. At the core are four activities that should be followed in succession to ensure a successful analysis. The four activities define the desired end state, data collection, compilation and analysis, and follow-up.

1. Define the Desired End State

Defining the desired end state first is like setting organizational, or cybersecurity, goals. They may be to improve performance to a certain level or to reduce problems or incidents. Likewise, these objectives may include new technologies, industry standards, or consumer desires. The point of this activity is for the organization to define where and what it wants to be in the future. The remaining activities will help develop the road map to get there.

There are several documents to aid in this effort. The first is previous cybersecurity audit results. These can show problem areas that can be deficient because of a skill gap. Another potential source of information is customer complaints. These would include web page design, network downtime, or other areas that need improvement. Finally, industry trend reports and forecasts may identify new workforce skills required for future success.

2. Data Collection

Collecting data can take place using a multitude of methods. These include surveys, individual interviews, focus groups, assessment tests, or questionnaires. Regardless of methods, each must focus on collecting information on an employee’s job duties and performance. Job duties are the tasks an employee completes as part of their role within the organization. On the other hand, job performance focuses on identifying how often and how well an employee performs a specific task. These two, together, indicate how an employee normally spends their day at work.

During the data collection effort, it is possible to identify how the employee was trained for a specific duty. The options may include formal education/school, on-the-job training, self-taught, or possibly a previous employer. The goal of this is to begin to develop insight into the relationship between performance and training.

3. Compilation and Analysis

The compilation portion focuses on taking the collected data and grouping it into meaningful categories. The most logical way to categorize the information is by job duty. This enables a direct comparison between all employees performing a specific task. An organization may also decide to break the information down further according to shift, if applicable.

The analysis part of this activity involves reviewing the collected data as compared to the desired end state. One goal is to identify trends or relationships that lead to poor performance. This can help identify potential training to help overcome deficiencies. Another effort is to develop a better understanding of how much time is being spent on each task. This can identify an “average time” for a task—employees who take longer than the average should be candidates for closer scrutiny and possibly corrective training.

The analysis activity may require reviewing company policies, procedures, and hiring practices. A lack of a company-sponsored training or employee development program could be a causal factor for creating a skills gap. On the other hand, hiring new employees based on an outdated position description could mean an ongoing, self-inflicted skills gap.

4. Follow-Up

This activity involves presenting post-analysis conclusions to the employees and supervisors for validation. This is necessary to ensure that each supposition is based on factual data and a recommended corrective action is valid. Once completed, the analysis is ready to be presented to senior management for action.


A cybersecurity skills gap analysis is a good tool for identifying deficiencies and improving performance. The results can be used as a checklist for corrective actions.

Important Training Options

Cybrary provides online training courses in information technology and cybersecurity. These courses cover various subjects, from project management to penetration testing to auditing.

Schedule Demo