Tierney - stock.adobe.com
Only 10% of IT professionals have the cyber security skills the UK’s tech sector currently needs, according to a study.
Research by recruitment firm Robert Walters and data firm Vacancysoft found that 58% of hiring managers put information security as their most required skill, but only a small number of tech workers have the skills these firms are looking for.
In Europe, 70% of companies have stated they do not have appropriate cyber security talent, with a shortage of around 140,000 skilled workers in the region.
James Chaplin, CEO of Vacancysoft, said: “The rapid pace of digital transformation bought on by Covid-19 led to a surge in recruitment at the beginning of this year. As a result, cyber security is becoming an ever-greater part of the technology function.”
Many claim that the move to remote working has led to an increase in cyber attacks. According to Robert Walters and Vacancysoft, UK small and medium-sized enterprises (SMEs) are suffering 65,000 attempted cyber attacks every day and, if successful – which around 4,500 are – can cost up to £2.48m per instance.
Most jobs have been affected during lockdown, with Robert Walters and Vacancysoft finding a 40% drop in demand for IT roles in the first half of 2020, but cyber skills remain in demand with positions in cyber security increasing 6% during this time.
Cyber security vacancies now account for around 5% of vacant technology job roles, an increase from 3.5% in 2018.
According to Darius Goodarzi, principal of information security and IT risk at Robert Walters, security operations centre (SOC), the top four in demand cyber roles this year are security engineer, security awareness manager, and chief information security officer (CISO), as firms attempt to increase their cyber provisions in the wake of the pandemic.
When looking for cyber talent, demand for cyber workers with Amazon Web Services (AWS) skills has increased by 62% since 2019, but cyber workers with these skills only make up 3% of the talent pool.
Similarly, there has been a 50% year-on year (YoY) increase in job adverts looking for cyber workers with security information and event management (SIEM) skills, and 30% YoY increase in searches for cyber talent with ethical hacking skills, but only 1% of the cyber talent pool has these skills.
But cyber talent also expect a lot from a potential employer, with 55% of cyber professionals claiming they value job offers where they will be able to maintain a healthy work-life balance, and 35% think being able to work flexibly makes a business look more attractive.
When it comes to hiring cyber professionals, the technology, financial services, and customers goods and services sectors are the most keen, with cyber hiring in the financial services sector increasing 38% over the past three years, and cyber hiring in the tech, media and telecoms sector increasing 35% over the same time.
There are around 43,000 cyber workers in the UK, according to Robert Walters and Vacancysoft, but around half of businesses currently do not have the appropriate cyber security measures in place to allow 100% of staff to work from home.
As the coronavirus pandemic has forced many people to work remotely during lockdown, there has been speculation that roles will begin to be less London-centric as companies embrace home working.
Demand for roles in cyber security are shifting outside of the London bubble, with the number of London-based vacancies in cyber roles dropping by 10% since 2018 to 40.7%.
Outside of London, there has been a 138% YoY increase in the number of advertised cyber jobs in Yorkshire and the North East of the UK, and an 85.7% increase in the South West.
But this increase in home working has also highlighted challenges for firms, with ransomware and phishing attacks the main drivers for many to increase their cyber security provision in 2020.
Read more about cyber and coronavirus
- Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19.
- HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June.