Our digital capabilities have been tested like never before in the last 12 months, both personally and professionally, with the global health crisis forcing many people into remote working and to do as much they can online, from socialising to shopping.
Yet this increased reliance on digital technology has also exposed our cyber vulnerabilities. As early as March 2020, a report revealed that 80% of malicious activity had the coronavirus as the main theme in online attacks. What’s worse is that with such a high level of cyber threat, cyber security skills are still severely lacking across UK businesses.
Recent government-commissioned research by Ipsos Mori into the UK cybersecurity labour market found that almost 48% of organisations in the UK are unable to carry out even basic cyber tasks. Further, 64% of cyber firms have faced problems with technical cyber security skills gaps, either among existing staff or among job applicants, with 25% saying that such skills gaps have prevented them to a great extent from achieving business goals.
While demand for cyber roles is increasing, businesses are clearly finding it difficult to source, hire and train new employees at the same rate. Below we explore what businesses can do to manage the need for cyber skills within their business and how they can recruit the best people for the job.
The first hurdle to overcome when recruiting cyber talent, particularly at entry-level, is not to disregard a potential candidate if they do not have a technical, or cyber specific, background. While experienced cyber security professionals are hard to come by, there is no shortage of motivated, enthusiastic young candidates with a STEM background who would quickly become valuable additions to the team. These candidates have a pre-existing understanding of the sector and once brought on board can be given specific cyber skills training tailored to the needs of the business. This ensures a steady influx of junior talent that will help to tackle the cyber skills shortages at all levels within the company in the long term.
Similarly, it is also important to consider how these roles are being advertised, to ensure that those who may have the suitable skills are being targeted in the correct way. The technology industry has commonly faced complaint for its lack of diversity, with only 15% of the technology industry being female, in comparison to 28% in the wider digital sector, and only 16% of tech employees coming from BAME backgrounds.
This may partly be because not enough people from these groups are being introduced to the profession at a young age, and therefore do not have the required qualifications. However, it is equally possible that these candidates do have the skills but are not being targeted correctly.
Businesses should therefore work to amend their job requirements, publicising their roles to a wider variety of people and can actively encourage these candidates to apply. They should also make use of proofing tools when drafting their job adverts to identify and amend words or phrases that may unintentionally discourage applicants from certain demographic groups.
Whilst new employees can be given cyber training once they join a business, it is also possible for businesses to upskill their current workforce, especially if hiring is not currently possible.
Reskilling programmes allow existing employees to be moved into tech, and cyber specific roles, in a cost-effective way, while also preventing redundancies in other departments.
These programmes can prioritise skills that a business needs and allow current employees to add to their existing skillset. This not only adds to their career development and enhances their value to the business, but it also minimises the time and expense a business can spend on external recruitment, and removes any risks associated with making a bad hire.
Investing in reskilling programmes can also demonstrate to those outside of the business that there is an opportunity for progression and variation within the company too, helping to improve an organisation’s employer brand.
The cyber skills gap continues to grow and has been widened even further as a consequence of the coronavirus pandemic. More and more businesses are needing to find new ways to find new talent as well as looking for cost-effective ways to upskill their current workforce to monitor this growing demand for cyber expertise. To manage this demand businesses should not only prioritise their talent recruitment practices, ensuring that more career starters and diverse candidates are welcomed into the sector, but also invest in reskilling programmes as a cost-effective, sustainable way of bolstering their cyber security team.