trending Market Intelligence /marketintelligence/en/news-insights/trending/44bpr4oyhcmjj6fzedzasa2 content esgSubNav
In This List

Infosecurity Europe: Diversity key to closing UK's cybersecurity skills gap

Podcast

Next in Tech | Episode 50: InfoSec spending up, again…

Blog

Broadcast deal market recap 2021

Podcast

Next in Tech | Episode 49: Carbon reduction in cloud

Blog

Price wars in India: Disney+ Hotstar vs. Amazon Prime Video vs. Netflix


Infosecurity Europe: Diversity key to closing UK's cybersecurity skills gap

As cyberattacks and data breaches become more frequent and severe, employers struggle to recruit enough IT security professionals.

Cybersecurity executives at the annual Infosecurity Europe conference in London said June 5 that diverse hiring policies are key for tackling the industry's skills shortage, as cases of leaked sensitive information increase in volume and severity worldwide.

The U.K.'s public and private sectors have been marred by high-profile cybersecurity hacks in recent years, including at TalkTalk Telecom Group PLC in 2015, as well as last year's major, global WannaCry attack, which hit computers in Britain's National Health Service, closing down emergency wards and disrupting hospital services.

Nearly half of all U.K. businesses (43%) and two in ten charities have experienced a cybersecurity breach or attack in the past year, with 74% of companies and 53% of all charities describing IT security as a "high priority" for their senior management teams, according to a survey commissioned by the U.K. government this year.

With cybersecurity experts in short supply, Cory Scott, chief information security officer at Microsoft Corp.-owned LinkedIn Corp., said that employers need to rethink hiring strategies and "be aware of unconscious bias" in order to prioritize the "diversity of mindset and narrative" within organizations.

"If you hire a bunch of people who look like you, come from the same background, have the same education, have worked at the same companies, you're going to end up with a homogeneous group of security professionals that are not serving [your needs]," Scott told the conference delegates.

The numbers on the shortfall in skilled labor are gloomy. Recruitment firm Indeed's report on the global cybersecurity skills gap published last year showed that the U.K. had the second worst skills shortage after Israel, with just 31.6% of employer demand being met, compared with 66.7% in the U.S. and 68.1% in Canada.

The skills shortage has been on the industry's radar for a while. In 2016, as many as 77% of U.K. chief information officers warned of increases in cyberattacks due to a lack of IT security talent, according to a study by recruitment firm Robert Half.

Speaking at the conference, Christian Toon, chief information security officer at law firm Pinsent Masons, also urged IT professionals to cast the net wider in the hiring process, arguing this would help curb the talent crunch.

"You need to look at [hiring] people from every walk of life, every gender [and] every ethnicity. In times, this is going to be hard … but it's not impossible," Toon told delegates, adding that employers need to be aware, for instance, of how a job advertisement written from a male perspective can put off female applicants, and vice versa.

Britain's shortage of skilled IT security professionals raises concerns that not only are organizations vulnerable to unprecedented threat from hackers, but they also risk fines under the recently implemented General Data Protection Regulation, or GDPR, and planned data protection legislation after Brexit.

Moreover, companies and organizations' growing reliance on the cloud only adds to the sense of urgency.

Emma Smith, Group Technology Security Director at mobile operator Vodafone Group PLC, said that tactics and schemes designed to recruit more women, in particular, should be considered on a national scale, including moving female professionals from different disciplines into the industry through training, education and mentorship.

Smith is convinced that "with hard work, we can attract women into security teams."

Additional Infosecurity Europe coverage:

Fear for large-scale cyber warfare may be largely overblown

GDPR rules help to make privacy by design the new normal