European firms are poised to hire a large number of cyber-security professions in the next 12 months to fight the increasing threat posed by hackers.
The overall cyber-security skills shortage may rise to 350,000 workers in Europe by 2022 and firms across the continent are now intent on avoiding that possibility.
Organisations across Europe are set to embark on a massive hiring spree of cyber-security professionals to cover for a glaring skills gap which is expected to rise to 350,000 workers by 2022, revealed a survey commissioned by (ISC)2, an information security certification body.
The global survey of over 19,000 cyber-security professionals including 3,694 from Europe revealed that as many as 38 percent of European firms are looking to increase their cyber-security workforce by as much as 15% in the next year. The survey was conducted after the Benchmarking Workforce Capacity and Response to Cyber Risk report revealed a widespread skills shortage due to a shortage of talent, strong recruitment targets, and disincentives to invest in training.
“The combination of virtually non-existent unemployment, a shortage of workers, the expectation of high salaries, and high staff turnover that only increases among younger generations creates both a disincentive to invest in training and development and a conundrum for prospective employers of how to hire and retain talent in such an environment,” the report said.
Verizon’s 2017 Data Breach Investigations Report has revealed a 50% rise in ransomware attacks compared to last year, 289 confirmed breaches related to espionage, 90% of which are attributed to state-affiliated groups, over 21 percent of all security incidents being phishing attacks and that organised criminal groups were behind 51% of breaches. In such a scenario, it has become increasing necessary for companies across Europe to hire more cyber-security professionals and make their cyber-security practices future-proof.
At the same time, European firms will also need to revamp their cyber-security practices in order to comply with the General Data Protection Regulation (GDPR) which will come into force next year. The regulation will impose fines of either 4 percent of a company's annual turnover or €20 million, whichever is higher, on companies which fail to protect customer data from hackers and cyber-thieves.
However, the existing cyber-security industry is plagued by a glaring skills shortage coupled with the presence of overpaid professionals who are making over £78,000 per year on an average. As such, companies across Europe are now finding it increasingly difficult to retain talent because of high salary demands.
The report also highlights a glaring gap between what organisations are looking for and the expectations of cyber-security professionals. "Currently, the top two skills workers are prioritising include ‘cloud computing and security’ (60%) and ‘risk assessment and management’ (41%), while employers prioritise looking for communication (66%) and analytical skills (59%). Only 25% and 20 % of workers are prioritising communication and analytical skills respectively," the report added.
"Businesses cannot afford to ignore investing in training and development programmes for their workforces. Those that do so will become much easier potential targets for cyber criminals and risk facing high profile hacks similar to those we have seen in recent weeks," said Jarad Carleton, Principal Consultant, Frost & Sullivan.
"Europe has traditionally been strong at investing in its workforce, and must continue to provide regular training and recruit from non-technical backgrounds to help ease the skills shortage. We predict the skills gap to become much more acute in the coming years if businesses fail to do so," he added.