Out-Law / Your Daily Need-To-Know

UK’s cyber security skills gap ‘a ticking time bomb’ for industry

istock.com/solarseven

04 Aug 2023, 2:40 pm

The UK’s chronic shortage of skilled cyber security professionals, highlighted in a recent government report, is a “ticking time bomb” for the industry according to one expert.

The report (102 pages / 3.19MB PDF), published by the Department for Science, Innovation and Technology, found that half of all UK businesses employ people in cyber security roles who lack appropriate skills. The issue was found to be particularly advanced in around a third of all UK businesses. Previous reviews conducted in 2021 and 2022 had similar findings.

Cyber professional services expert Christian Toon of Pinsent Masons said this cyber security skills gap is “causing a pain point” for businesses. “Employers are now competing for talent and seeing salaries increase significantly as they vie for top candidates.”

“But these new pay scales cause issues among other roles and specialisms – and candidates can sometimes be over-promoted to help fill roles. With ever-mounting cyber security threats, this trend is a potential a ticking timebomb for the industry,” he added.

Alongside the skills gap, the UK also struggles with a cyber skills shortage – a lack of people available to work in cyber security job roles. According to the report, there were 160,035 cyber security job postings in the last year, an increase of 30% on the previous year. Employers reported that more than a third (37%) of these vacancies were hard-to-fill. Overall, the report estimated that the UK has a shortfall of 11,200 people to meet the demand of the cyber workforce.

Toon said diversity in the cyber security industry is “actually getting worse”. The latest figures suggest that just 17% of the cyber sector workforce is female – down from 22% in 2022, but similar to the figures reported in 2021 and 2020. Only 14% of senior roles are filled by women. Toon said: “Businesses need to adopt a broader focus on diversity and inclusion across their organisations - not just for cyber security – if these disappointing figures are going to change.”

The government said it was working to increase the number and diversity of skilled people in the cyber security profession. It added that the £2.6 billion National Cyber Strategy included plans to encourage young people to develop their cyber and tech skills, and take subjects such as computer science which help develop the skills needed for cyber and tech careers.