DecipherU is a cybersecurity career intelligence platform. Instead of marketing case studies, this page documents the public research that justifies aptitude-based and skills-based cybersecurity hiring: workforce data from BLS and ISC2, validity research from industrial psychology, and the NIST NICE Framework role taxonomy.
The cybersecurity workforce gap is structural, not cyclical
ISC2's 2024 Cybersecurity Workforce Study estimates a global gap of 4.8 million cybersecurity professionals, up from 4.0 million in 2023. The US Bureau of Labor Statistics projects information security analyst employment to grow 33% between 2023 and 2033, more than ten times the average occupational growth rate. Teams that screen only for credentials compete for the same narrow pool; teams that screen for aptitude widen the pool without lowering the bar.
Source: ISC2, 2024 Cybersecurity Workforce Study; BLS, Occupational Outlook Handbook, 2024
Cognitive aptitude outperforms experience for roles with novel problem solving
Meta-analytic research by Schmidt and Hunter (1998, 2016 update) established that general mental ability has a validity coefficient of ~0.65 for job performance in complex roles, the highest of any single predictor. Work sample tests score ~0.54. Years of experience alone scores ~0.18. Cybersecurity incident response, threat hunting, and security engineering all fall in the complex-role category where aptitude-based screening adds the most predictive power.
Source: Schmidt and Hunter (2016). The validity and utility of selection methods in personnel psychology: practical and theoretical implications of 100 years of research findings
NIST NICE Framework provides a shared vocabulary for role-specific assessment
NIST Special Publication 800-181 defines 52 cybersecurity work roles across 7 categories and catalogs the Knowledge, Skills, Tasks, and Abilities required for each. DecipherU's team assessments map directly to NICE work role codes so that candidate evaluation aligns with federal and industry standard task statements rather than vendor-specific certification content.
Source: NIST SP 800-181 r1, NICE Workforce Framework for Cybersecurity, 2020
Holland codes and work-style profiles predict retention in technical roles
Person-environment fit research from Holland (1997) and Kristof-Brown et al. (2005) shows that vocational interest alignment predicts 24-month retention in technical roles with a correlation of approximately 0.25. For cybersecurity roles with high burnout rates, retention signal is a primary hiring outcome. DecipherU's assessments include Holland-coded interest profiles calibrated to cybersecurity sub-domains (SOC analyst, red team, GRC, incident response, cloud security, identity).
Source: Kristof-Brown, Zimmerman, and Johnson (2005). Consequences of individuals' fit at work: a meta-analysis of person-job, person-organization, person-group, and person-supervisor fit
Credential-first screening excludes high-performing career changers
CyberSeek tracks cybersecurity job postings and notes that over 60% require certifications that have entry-level candidates systematically excluded. The NICE Framework explicitly states that certifications signal training completion, not job performance. Skills-based and aptitude-based screening lets teams evaluate career changers from IT, military, law enforcement, and analytical backgrounds without requiring them to first purchase a $500+ cert exam.
Source: CyberSeek.org workforce gap data; NIST NICE Framework guidance on credential use
Named case studies coming as customers complete hiring cycles
DecipherU is working with early-access cybersecurity employers. We will publish case studies here only after a full hiring cycle completes and the customer agrees to be referenced. We will not publish fabricated or composite case studies.