Cyber Security: Recruiting challenges during a skills shortage
Facebook. British Airways. Ticket master. What do these companies all have in common, besides being some of the biggest household names on the planet? Well, while you might expect these companies to have the most sophisticated cyber security out there, each of them has experienced major data breaches over the past 12 months.
A security flaw saw hackers gain access to the personal data of 15m Facebook users, whereas British Airways had 100,000s of their customers' payment details stolen across a 15 day period. The incident at Ticket Master resulted in tens of thousands of their customer’s data being stolen including logins, addresses, phone numbers and payment details. With so many users and customers between them, it’s not hard to see what attracted these cybercriminals to these particular companies. But unfortunately, these cyber-attacks aren’t isolated incidents and it’s not just major companies that are being targeted.
Small businesses aren’t safe
A new report has found that 43% of all UK businesses across all industries have experienced a breach or cyber-attack over the past 12 months, with larger firms identifying that they had an average of 12 attacks each year and small businesses report to have had at least one. With so many attacks occurring and a strong likelihood that they will continue to increase, it’s not hard to see why 74% of UK businesses are prioritising making cyber security a key aspect of their digital transformations.
However, despite companies crying out for cyber security talent, they are struggling to recruit the talent they desperately need due to a skills shortage in the cyber security sector. As hackers become more sophisticated in their approach and cyber attacks happen more frequently, there just aren’t enough experts entering the workforce at the same rate to help tackle them. It’s becoming such a big issue that industry insiders are already predicting that there could be as many as 3.5m unfilled cyber security roles by 2021.
This sadly leaves many companies in the predicament of only being able to react when an attack occurs, rather than using the expertise of cyber security professionals to strengthen their online security measures and prepare in advance.
How to overcome the shortage
Even though fantastic progress is being made to increase both the numbers and diversity of people entering the cyber security workforce, it seems that there isn’t an end in sight for this skills shortage just yet. If it’s going to start protecting itself from further cyber attacks, companies such as yours will need to start adopting some out of the box thinking if it wants to attract cyber security professionals to it's door. With stiff competition, not just from your own industry but from other industries too, it’s not going to be easy. But often the hardest of tasks are usually the most worthwhile.
Here are some strategies we think could help your organisation to bridge the cyber security skills gap so you can hire the best talent sooner rather than later.
Make yourself seem appealing to tech-talent
It’s a sad fact that big companies within the tech industry are most likely to be the first port of call when many cyber security professionals are looking for a new role. However, 33% of cybersecurity executives arrived in the industry via non-technical careers, so you’ve still got a chance.
To ensure that you’re making yourself look as attractive as possible, it can be beneficial to bring in a tech consultant who can help you to determine your cyber security needs. They can also show you how to integrate more technology into your company’s strategic plans and give you a clearer understanding and appreciation of the impact it can have on your company growth and productivity. If you can demonstrate all of this to prospective talent during their interview, it will give them confidence that you value security and technology, which is something they will also value too. Offering perks such as remote working and investing in the latest security systems and IT hardware can't hurt either.
Upskill your existing team
It’s unlikely that you’ll get a barrage of cyber security professional applying for your roles as soon as you put a job ad out. Even if you’ve enlisted the help of a recruitment team, it can take a bit of time to find the right people for your organisation. But instead of leaving your organisation vulnerable to attack, your company should be utilising this time to upskill your existing workforce.
The evolving nature of cyber security threats and data breaches means that ongoing training is essential if you want your company to remain secure. You never know, it may also prove to be an alternative to hiring cyber security experts altogether. To achieve this, you should invest in a robust training program provided by more experienced members of your IT team or by outsourcing to a cyber security training specialist.