10/09/2020 – News / Business / Cyber-Security / Online / Remote Working / Skills Gap / HR / UK / Infosec
UK’s acute cyber-security talent shortage is “a ticking time-bomb”, finds new study
A new study suggests that half of UK companies do not have adequate cyber-security provision to allow for 100-per-cent remote working. And in Europe as a whole, the situation is even more concerning.
Whilst 58 per cent of the UK’s tech hiring managers list info-security as their most required skillset right now – only 10 per cent of tech professionals in the country actually possess the right skills to help plug the gap.
The findings come from a new report by global recruiter Robert Walters and data provider Vacancysoft – Cybersecurity: Building Business Resilience – which highlights how the problem is far worse on a European level, with 70 per cent of companies stating that they do not have a sufficient cyber-security team and are having to deal with a talent shortage of 140,000 personnel across the continent.
Remote working opens floodgates to online breaches
“The move to remote working, cloud-based file sharing, rise in video calls, and cashless transactions has highlighted to all businesses the importance of adequate IT security to allow for business continuity and protection from online breaches,” commented Darius Goodarzi, Principal - Information Security and IT Risk at Robert Walters.
“In fact, there are over 65,000 attempted cyber attacks on UK SME’s every day – with around 4,500 being successful at a cost of £2.48m per instance,” he continued. “Given the cost – both financially and reputationally to businesses – it is surprising to hear that cyber-security only accounts for 5.6 per cent of total IT spend in a company.”
Cybersecurity roles are nonetheless on the rise
There are approximately 43,000 professionals working in a fulltime cyber security related role in the UK – representing a 37-per-cent increase in employee jobs over the last two years.
Despite hiring freezes across the board during lockdown – including general IT roles which were down by 40 per cent for the first half of this year – cyber-security bucked the trend and job volumes increased by six per cent.
“The rapid pace of digital transformation brought on by Covid-19 led to a surge in recruitment at the beginning of this year,” informed James Chaplin, CEO of Vacancysoft. “As a result, cyber-security is becoming an ever-greater part of the technology function.”
Whereas in 2018 cyber-security accounted for 3.5 per cent of technology vacancies, so far this year it is above five per cent – and this growth is forecast to continue.
Top infosec roles in 2020
Darius Goodarzi shared the top job roles in demand within infosec this year:
1. Security Operations Centre (SOC) – As businesses take more steps to strengthen their cyber-security strategies, an SOC takes both a preventative as well as reactive approach, detecting potential threats, and implementing measures to prevent them from happening. In London, salaries for SOC have spiked by up to 10.5 per cent in large companies.
2. Security Engineer – The UK government has invested £10m in cyber-security solutions over the past year, with a pressing need for security engineers to implement new security products and install updates that enhance security around current IT platforms.
3. Security Awareness Manager – With businesses becoming more data-driven and staff gaining increasing exposure to commercially sensitive information, security awareness training is required to educate employees and provide data protection guidance to ensure compliance.
4. Chief Information Security Officer (CISO) - There is more technology in the workplace than there has ever been before, growing an organisation’s attackable surface. With this comes a realisation to the executive level that security is a key component in business continuity and operational performance - requiring an advocate to work alongside the C-suite to ensure compliance with security procedures.
Securing the best talent
Ajay Hayre, Senior Consultant Technology at Robert Walters, said that as businesses continue to invest in cyber-security software and adopt new platforms, there would be a heavy emphasis on Cloud skills, security engineering and site reliability engineering.
“Professionals involved in security orchestration with strong SIEM skills such as Splunk will be highly valuable, as well as AWS container security and micro service security architecture,” he told us in closing. “Businesses will have to make heady attempts to secure cyber-security specialists, where possible tapping into passive candidate markets to secure the best talent.”