Cyber recruiter predicts the brink of an industry crisis

Lewis West, Head of Cybersecurity at Hamilton Barnes, cites an ageing workforce and small businesses being priced out of the market after COVID for the ‘crisis’ the cyber sector now faces.

Globally, workforces are battling to build cyber workforces in the midst of an ever-increasing skills gap within the industry. Cyber strategies such as NCWES have been put in place to ensure increased education and knowledge within the sector, but some argue that initiatives are not moving fast enough.

West states that cybersecurity businesses are now ‘at a crossroads’ and blames the cyber skills gap for the shortage of thousands of cybersecurity professionals.

Rising demand, yet smaller cyber businesses are priced out

According to Lewis West, Cybercrime now costs the UK’s small business community £4.5bn (US$5.72bn) a year - averaging £1100 (US$1397) per individual attack. In line with this, he also draws attention to cybersecurity measures becoming less of a priority for businesses.

Indeed, a recent survey revealed that 50% of cybersecurity professionals admitted that their organisations only conduct relevant cyber training once a quarter, or even once a year.

In addition, West argues that a 10% rise in employment in the cyber workforce is therefore not enough to fill public demand, especially given that cyberattacks continue to increase, with ransomware attacks in particular continuing to rise dramatically.

He said, “After COVID-19, there was huge demand for cyber talent, when a lot of people were getting hacked because of new setups and ways of working. Businesses wanted as much cybersecurity as they could get and were paying experts whatever they wanted. 

“Since then, there has been the threat of a recession and things have started to slow down. Companies no longer want to spend and things are levelling off, so crazy-money salaries are few and far between.”

Yet, despite talent being more readily available, it is clear that businesses are still not up-to-date with their own cybersecurity needs.

West says, “SMEs are simply not doing enough when it comes to cybersecurity, from the tooling in place to the attitude of employees around security risks. In the case of the ransomware rise, businesses are too willing to simply pay the ransoms because they see doing so as cheaper than bringing someone in to prevent it. 

“Studies have shown that 43% of cyber-attacks are aimed at SMEs but only 14% are prepared to defend themselves – an unbelievable and hugely worrying statistic.

“A ransom for SMEs will often be a nominal fee and they’ll think, ‘We'll just take the loss, pay it and get our stuff back.’ It doesn’t help that there’s no real legislation around ransomware, no set procedure to follow, and a lot of businesses have a very immature setup around it or neglect it altogether until it's too late.”

A need for businesses to combat growing skills shortages

Security needs have changed and the issue is compounded by a global skills shortage. 

According to West, talent was historically available to fill requirements, but as demand for skilled cyber experts has risen, the number of specialists in the market has not grown to match this. 

He said: “There’s talent out there, to an extent, but it’s at the more experienced end of the spectrum and these guys are leaving the market, even retiring early having earned enough. And there aren’t enough specialists coming through to fill these gaps. 

“The big shortage is the mid layer; someone who has done anything from three to five years of engineering is like gold dust at the moment.

“There is a crisis – in short, there are too many jobs and not enough people.” 

According to West, SMEs face the additional challenge that cyberattacks are becoming more and more niche and sophisticated. Experts are therefore increasingly focusing on a specific discipline within the market, where a ‘jack of all trades’ is still needed for many small businesses. The solutions lie in changes of approach both from an educational and business perspective. 

West summarises: “More needs to be done to push students in the direction of cybersecurity specifically, where it’s still largely lumped into IT courses at least up until university.” 

He also argues that businesses should be focused on building a security culture, increasing awareness across the entire team and hiring the correct personnel. “Training employees to become more aware of security attacks and attackers’ methods is an effective way to reduce the number of successful cyber-attacks. As is including cybersecurity talent in your hiring strategy,” he concludes.

******

For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.