It’s a refrain I’ve been hearing for the past 18 months from clients all over the world: “We need more skilled people for our security team.”

The need is real and well-documented. A report from Frost & Sullivan and (ISC)2 found that the global cybersecurity workforce will have more than 1.5 million unfilled positions by 2020. But the security industry is a fast-growing market, with IDC pegging it as becoming a $101 billion opportunity by 2020. So what’s causing the talent shortage?

One of the big reasons is that security businesses tend to look for people with traditional technology credentials — college degrees in tech fields, for example. But security is truly everyone’s problem; virtually every aspect of personal and professional data is at risk. So why are we limiting security positions to people with four-year degrees in computer science, when we desperately need varied skills across so many different industries? Businesses should open themselves up to applicants whose nontraditional backgrounds mean they could bring new ideas to the position and the challenge of improving cybersecurity.