Cybersecurity professionals are calling for better education and improved apprentice schemes after saying a shortfall of staff in the sector is leaving companies exposed to hacker attacks.
According to a recent survey of recruitment agencies, 81% expect a rise in demand for digital security staff, but only 16% saw that the demand would be met.
“Demand is sky-high,” said Tim Holman, the chief executive of the cybersecurity consultancy 2-Sec. “The cost of dealing with cyber problems is only going to go up, insurance premiums will go up, the price of cleanups will go up.”
A number of high profile cyber attacks in 2017 have fuelled demand for professionals. In March, the mobile phone company Three suffered a serious breach that compromised 200,000 customers’ data. In April, the payday loan company Wonga had 250,000 customer records stolen including bank account details, phone numbers, and email addresses. However, the Wannacry ransomware attack on NHS IT systems in May demonstrated that cybersecurity is not simply a problem for business. A third of NHS trusts have reportedly been infected by ransomware this year.
The lack of skilled professionals capable of dealing with cybercrime needs tackling urgently, said Adam Thilthorpe, the director of external affairs at BCS, the Chartered Institute for IT.
“We’ve been voicing our concerned for some time that there is going to be a shortage of skilled IT professionals. We need an integrated strategy across government and business from education, apprenticeships and diversity initiatives. We should recruit more women, ethnic minorities and [retrain] older workers to unfilled posts.”
BT, which has been running a successful cyber apprenticeship scheme for five years, has made a point of looking beyond the pool of university computer graduates.
“We were originally plucking people from IT and bolting skills on but we changed our entire recruitment policy including targeting different kinds of people,” said Rob Partridgeat BT Security. “One area we’ve looked at is neuro diversity. We know, for example, that some people with Asperger’s are highly suited to cyber but don’t always have good communication skills so we changed our approach to the way we source and interview candidates. The industry needs to recruit through potential.”