16 February 2017

2016 was the year of the hack with record numbers of cyber-attacks and large-scale data breaches across many industries. In light of this, cyber security specialists are now in serious demand, however, news has surfaced that the shortfall of specialists is set to get worse in the next five years. This could be disastrous not only for businesses but the country’s entire cyber defence could be compromised if we don’t act now.

A new survey was carried out by the Centre for Cyber Safety and Education sponsored by (ISC)² which involved over 19,000 cyber security professionals. The findings make for uncomfortable reading. The world will have a shortfall of 1.8 million cyber security staff by 2022, this figure has increased by 20% compared to an earlier five-year prediction made in 2015.

The survey also found 66% of British companies are chronically understaffed to handle the growing online threat. Businesses around the UK have been called out by Chancellor Philip Hammond to sharpen their approach as he revealed a shocking fact - "Nine out of 10 businesses don't even have an incident management plan in the event of a cyber breach," he said.

Data from the survey suggest that employers are closing the door to many millennials with only 6% of UK respondents stating that they will recruit from university graduates. Currently, only 12% of the cyber security workforce is under the age of 35 in contrast to 53% that are over the age of 45. It is important for businesses to hire more millennials to balance the skill levels and prevent a ‘cliff edge’ situation when the majority gets closer to retirement.

Consequently, by failing to hire the younger generation to pursue cybersecurity professions, wages for the current workforce has inflated. Almost three-quarter of UK security professionals earns over £47,000 a year and 39% command annual salaries of over £87,000 according to the data. It is evident that a skills shortage is causing the inflation of wages as more businesses struggle to find talent in a scarce market.

A new National Cyber Security Centre has just been opened by the Queen and Prince Philip in response to the security shortfall. NCSC is a new part of the intelligence agency GCHQ and is designed to make the UK’s cyber defences the strongest in the world, through working with intelligence agencies, government bodies, private businesses and the public. GCHQ claims the UK is currently facing 60 serious cyber-attacks per month, the new centre will surely go some way in addressing the issue, but without looking at the problems facing the workforce we could well be sitting on a ticking time bomb.

Find more information about the new NCSC.