For years the industry has lamented what’s been billed a vast gap between the number of qualified cybersecurity professionals and the number of open positions at organizations.

For the first time it seems as if that gap may be shrinking however.

That's at least according to a new survey, the (ISC)² Cybersecurity Workforce Study, which suggests this week that there are now 3.5 million individuals working in the field; that’s an increase of 700,000 professionals, about 25% more than last year’s workforce estimate.

That roughly correlates to a decrease in the aforementioned global workforce shortage too; (ISC)2 – a nonprofit association comprised of certified cybersecurity professionals - projects the gap is at 3.12 million, down from 4.07 million last year.

If those numbers hold steady they could match a prediction last year by research and market intelligence firm Cybersecurity Ventures that there’ll be 3.5 million unfilled cybersecurity jobs globally by 2021.

The (ISC)² study regularly surveys those working at least some capacity in cybersecurity. The latest asked employees from mid-April to mid-June, a span of time that at least at this point, was roughly the middle of the ongoing pandemic; 3,790 respondents who claim to spend 25% of their time to cybersecurity were surveyed.

While the numbers around the closing gap are promising, there's still a lot of work to do. More than half (56%) of those who responded told (ISC)² that their organizations continue to be at risk because of cybersecurity staff shortages. Fear, both around the lack of qualified professionals and funding for cybersecurity efforts, continues to permeate the industry. Half of those who responded, 56% said they were concerned about personnel spending, 51% said they were concerned about technology spending.

The numbers suggest the cybersecurity community still has a deep hole to climb itself out of. For example, the (ISC)2  says that judging from these numbers, the workforce needs to grow 41% in the U.S. and 89% worldwide in order to "effectively defend organizations' critical assets." Those numbers are still a nice shift from this time last year, when (ISC)² claimed a 145% increase in global workforce is needed to bridge the gap.

While the numbers are only a three-month sample, the ongoing pandemic has clearly helped reduce the gap somewhat. With more employees working remotely than ever before for the foreseeable future, COVID-19 has introduced a new vector for data risk and in turn, a need for defenders.

If this summer’s numbers are to be believed, the ongoing pandemic will likely contribute to numbers (ISC)²‘s next report but the nonprofit also believes that organizations who look beyond cybersecurity professionals, to career-switchers, and those who offer learning and professional growth, can help, too.