Investing in GenZ

Sidelining young people would be cyber-security’s greatest failure, argues Adam Blake at Threatspike; much more investment is needed to do right by the UK’s young talent

 

We need more talent in cyber-security, but the foundational stepping stones for aspiring cyber-defenders are eroding. The timing couldn’t be worse, either, seeing as the UK has been battered with headline after headline of businesses suffering cyber-breaches. Now would seem a prudent time to invest in upskilling young talent. But investing in young people is not what’s happening.

 

Nearly half of graduates in their early and mid-20s were underemployed as of March 2024. Ask any graduate today how their job hunt in tech is going and they’ll paint a grim picture. In cyber-security, the picture looks much the same. There aren’t enough jobs.

 

And here is the paradox. Depressing job prospects aside, there’s a growing total shortage of cyber-security professionals in the thousands year-on-year across the UK. Nearly half of UK businesses even struggle with basic technical cyber-security skills, while over a quarter struggle with advanced skills.

 

The sums just don’t add up, and the long-term damage of sidelining young talent will be far greater than stalling promising careers. The less we invest in young careers, the more we risk creating a dangerous experience gap for the next generation of defenders that will undermine the safety and stability of our interconnected world.

 

Nurturing young cyber-talent

As for how we stop the generational cyber-security gap from widening, one obvious helping hand to turn to is the government. To some extent, the UK government has already voiced its share of support here with its recent UK Cyber Growth Action Plan. It promised £16m in funding over the next four years to boost innovation and support cyber-startups in scaling their operations.

 

On a surface level, the funding is at the very least a nice gesture towards propping up cyber-startups. The number of startups the UK produces is, after all, relatively low, compared to the likes of Israel and the US. Plus, it’s always good to see any money at all boosting opportunities for graduates in an increasingly unforgiving job market. No doubt, the funding will encourage some talented individuals, and university teams, to pursue their passions and turn them into commercial entities.

 

The emphasis, however, is ‘some,’ because ultimately, £16m is a drop in the ocean. It’s less than one US startup might secure in a single funding round (for comparison: security startup Horizon3.ai recently raised $100m in one round). It’s also a tiny sum in the context of how much money the UK’s cyber-security industry generates: less than 0.1% of £13.2bn in annual revenue. That revenue figure is maybe ironic since over a quarter of UK businesses have suffered a cyber-attack in the last year.

 

Again, the math isn’t adding up. There’s a mismatch between the cyber-security sector’s economic significance and the level of public investment. Ultimately, the government can – and probably should – do more.

 

Training the next generation

 

---

 

Adam Blake is CEO at Threatspike

 

Main image courtesy of iStockPhoto.com and Kosamtu