01 Sep Cybersecurity Skills Gap set to cost UK £120 billion by 2023
The cybersecurity skills shortage continues to act as a hindrance to the economy, with a report from the Learning and Work Institute (L&W) finding the UK skills shortage will cost the country £120 billion by 2030. As a result, businesses are left in a challenging position, looking for innovative ways to bridge this gap. This comes as a new report from the Department for Science, Innovation and Technology, finds that half of UK businesses that recruit people in cyber roles lack the appropriate skills. In light of this, Claire Trachet, CEO of business advisory, Trachet and fractional CFO of global cybersecurity company, YesWeHack, highlights the innovative ways businesses can retain and recruit cybersecurity professionals amidst the talent gap crisis.
With many cybersecurity roles in high demand, such as cybersecurity engineers, ethical hackers, and security software developers, demand has far outweighed supply. Despite this, the critical need for skilled professionals remains increasingly necessary, with a new survey from PWC finding just under half (48%) of UK organisations believe a “catastrophic cyber attack” is their top risk scenario, ahead of a global recession (45%) and the resurgence of COVID-19 (43%). Trachet explains that as this remains a high priority for businesses, there needs to be a shift in how businesses approach closing this gap, going beyond finding existing people within the industry and instead looking for employees with transferrable skills. For instance, looking at a threat researcher, the skills for this role can come from people of various occupational backgrounds, such as teachers, barristers, and mechanics.
Whilst this remains a growing issue, the UK government has recently kickstarted its ‘Upskill in Cyber’ program, which aims to bridge the country’s digital skills gap and has seen a record number of applicants apply. According to Trachet, the government program serves as a vital way to give people the appropriate support to help them flourish and support the economy amidst a challenging outlook for other industries.
CEO of business advisory, Trachet, and fractional CFO of YesWeHack, Claire Trachet, highlights the innovative ways businesses can retain and recruit cybersecurity professionals amidst the talent gap crisis:
“At Trachet, we’ve witnessed several trends in M&A within the cybersecurity ecosystem, whereby larger organisations – which are usually looking to acquire proprietary technologies – actively leverage M&A to help bridge the talent gap in this domain. This is done through measuring the ratio of price per expert, which cross-checks the valuation of the organisation, a key consideration for companies entering a deal of this nature.
“Corporations are actively leveraging M&A to fortify cybersecurity defences instead of opting for recruitment or training. There are countless examples, a few include Microsoft, Cisco, and FireEye which carried out key acquisitions of GitHub, Duo Security, and Mandiant respectively – I personally experienced this factor in some transaction where we led the M&A for our clients’ acquisition by industry leaders, such as in cybersecurity and AI.
“As many in the field know, the biggest issue encompassing the cybersecurity security sector is scaling and internationalisation – and this mainly comes from the increasing talent shortage . There are dozens of schools which have opened over the past few years on a global level, as well as scale-ups trying to address the training element through gamified training platforms, to address this and what we are increasingly seeing is larger companies looking to forge relationships with these institutions, be that through sponsorship, mentorship or specialised programmes. This means that they then have access to a new wave of talent that’s coming through in this sector.
“At Trachet, we’ve witnessed many innovative approaches towards bridging the global skills gap in the cyber sector. Companies like YesWeHack, which deploy bug bounty programs, were created to smoothly and safely connect blue-chip companies with those rare minds that can think like a hacker but act as a guardian. Bug bounty programs – which are essentially ethical hackers – are a critical remedy for cyber recruitment, YesWeHack in this case provides access to a global community of ethical hackers for organisations that require this at speed, and simultaneously is instrumental in developing the skills of the workforce.”