Are Companies Turning to Recruiters to Help them with the Talent Shortage in Cyber Security?over 4 years ago by FJ Team
There has been huge growth in the search for recruitment agencies specialising in Cybersecurity.
Technology recruitment specialists, Finlay James conducted a recent study that identified a 93% increase year on year in people searching for cybersecurity recruitment and related terms in Google. The news comes after the ISC anticipated a worldwide shortage of 1.8 million cyber security professionals by 2022 but the lack of skills to tackle cybercrime is already causing problems.
The cost of cyber attacks is expected to reach $6 trillion, worldwide by 2020, according to Herjavec Group’s 2017 Annual Cybercrime Report. As cyber threats increase and cybercriminals become more creative in their attacks, industries and organisations must build stronger, and more innovative defences to protect against cybercrime – but finding qualified talent to do this is becoming increasingly more difficult.
What is causing the cybersecurity talent shortage? Ultimately, Finlay James believes this is due to the undeniable growth in system compromises and cyber attacks, combined with the volume of people now connected to the internet. This grossly increases the opportunity to cybercriminals and allows hackers new opportunities to penetrate organisations, both SME and Enterprise.
One of the most notable increases came from the term ‘cybersecurity recruitment agency’ which saw an increase of 155%. A cross-party Committee on National Security Strategy in the UK published a report in July 2018 that exposed, specifically the UK’s chronic lack of digital skills, even within its own security agencies. The report, Cyber Security Skills and the UK's Critical National Infrastructure said, "…although the UK has one of the most vibrant digital economies in the world, there is not currently the cybersecurity skills base to match ".
The committee heard from some of those at the forefront of the UK's cyber security industry - Ciaran Martin, CEO of the National Cyber Security Centre (NCSC), told the committee he found it a "constant and difficult challenge" to recruit the deep technical expertise needed. Finlay James’ CEO John Gaughan says “Finding qualified, cyber talent is a challenge - but is not impossible. The irony is, in a discussion around technology and online defence, it is actually the human-element to our approach to recruiting that allows our specialist consultants to find these people and build long-lasting relationships.”
How do we fix the problem? Finding a long-term fix to the cybersecurity talent shortage may prove quite a challenge. BCS, the Chartered Institute for IT said: "we need a critical mass of new blood entering the profession to close that skills gap".
Finlay James, who recently won an award for Security Recruitment Company of the Year at the Computing Security Awards, believe tackling the short-to-medium term problem comes down to three things; expanding your talent pipeline, paying ‘for what you get’ and developing a strategy for continuous growth and learning opportunities for your talent.
With clients in many niche areas of cybersecurity, Finlay James tackles the cybersecurity candidate shortage by looking beyond traditional technology backgrounds. In the US, the FBI often hire agents with accounting degrees and ex-finance professionals; partly due to the level of detail required in those roles, transfers well into cyber investigations.
Similarly, cyber skills are hard to come by and organisations need to be prepared to pay to get them. Being inflexible on pay will not attract the talent they need – even if they are able to hire talent, retaining them will become challenging, as talented cybersecurity professionals are bombarded with better offers of employment.
Finally, as the technology space changes, new systems and tools are constantly being developed and introduced to enterprise companies and your cyber team needs to know how to use them. Finlay James’ CEO John Gaughan says “Like with our own team here at Finlay James, it is vital to constantly re-skill and engage your cyber team with training. Cyber professionals often demand some kind of continuous learning and if you are not providing them with ongoing growth opportunities, someone else will.”
*The data has been put together in collaboration with SEO software tool SEOMonitor. Over the periods of February 2018 to August 2018 compared to the previous year. The raw data can be found here