deepagopi2011 - Fotolia
Firms are becoming increasingly vulnerable as a result of employees lacking necessary IT security skills.
Research by IT systems firm Robert Half Technology has found a skills shortage in the security space is leaving firms exposed to cyber attacks, with 34% of firms planning to increase their staff to respond to threats they are facing.
More than three-quarters of CIOs in the UK think security threats will increase over the next five years as a result of a lack of IT security talent.
Neil Owen, director at Robert Half Technology, said: “The prominence of cyber breaches has lifted the demand for cyber security experts as cyber risk becomes a company-wide point of discussion.”
“An insufficient number of specialists entering the IT market has forced organisations to consider effective retention programmes, training existing staff, partnering with educational institutions and developing flexible hiring policies that include both permanent and contract specialists,” he added.
The technology sector as a whole is suffering from a skills gap, with many people resorting to up-skilling internal employees to fill vacant roles.
Firms are increasingly looking for people with soft skills as well as technical skills. Owen said providing insights from data analysis and communicating IT security issues to others in the firm are important for an IT security employee.
Cloud security skills are the most sought after for IT firms, but they are also the most challenging to find among potential candidates.
Read more about cyber security
Skills in understanding IT security technologies are also in high demand and difficult to find, and big data and analytics are desirable skills in firms. In response to increasing cyber security threats, some firms are also employing a chief information security officer (CISO) to manage IT security processes.
To address the growing skills gap, initiatives such as the Cyber Security Challenge are aiming to scope out talent across the UK that could fill vacant security roles in organisations.
To combat the expected increase in cyber security, businesses have been advised to be proactive in policy development, use analytics to detect risk, involve the enterprise as a whole in processes and ensure all existing IT professionals are equipped with security skills.