Shortage of cyber security skills leaves businesses vulnerable

Nick Elvin

A lack of available talent with the right cyber security skills presents a significant danger to British businesses, according to a City-based specialist recruiter.

Responding to a recent report by EY, which found that organisations remain generally unprepared for cyber attacks, Cornucopia IT Resourcing is warning that the unless the deficit in the number of available cyber security professionals is addressed, UK firms will remain a target.

The company points out that, according to Department for Business Innovation and Skills statistics, 93% of large companies and 87% of SMEs have suffered at least one security breach in the past 12 months, at an average cost of £450k-850k and £35k-65k respectively.

Janek Formella, managing director at Cornucopia IT Resourcing, said this has fuelled a demand for cyber security experts which the industry is struggling to meet.

“Incidences of cyber security breaches in the UK have risen sharply over the last 12 months, and they will continue to do so for the foreseeable future if left unchecked,” he said.

“Estimates suggest that as many as 200,000 cyber security professionals are needed to counter the billions of cyber threats to the UK each year.

“Of concern, however, is that many organisations lack the necessary skills needed to fully protect themselves against cyber crime. This is leaving more than one in three organisations completely unprepared or adequately protected against a cyber attack.”

Formella said cyber security skills in high demand include implementing secure systems, operational security management, incident management and information risk management, and assurance roles.

“Cyber security threats cost around 1.7% of the world’s GDP every year,” he added. “Yet what is worrying are the findings of the EY report, which state that as many as 43% of all organisations still have no plans to increase their cyber security budget in the near future.

“The recent spate of high profile cyber security breaches involving AT&T, JPMorgan Chase Bank, and Target, costing $148m in the case of the latter, have highlighted the critical need for both industry and government organisations to invest in improving the skill set of the talent already available, whilst setting the foundations in place now to improve the talent pipeline moving forward.”