Cyber Security Skills Shortage

Friday, July 26th, 2019

How does the Cyber Security professional’s skills shortage affect your business?

The Cyber Security skills shortage is getting worse, not just in the technical field as reported in the news regularly, but specialised areas need specialised staff to protect and grow your business. Will the shortage expose your company to risk or reduced profitability?

When you type in “cyber skills shortage” into any search engine, you will find that regardless of the facts and figures used, the common theme is that the skills shortage in Cyber Security is growing, ranging from 54% to 91% of firms reporting shortages.  Even if we take the lower figure of 54% as quoted by, the deficit is huge, putting organisations at risk not only from a security breach, but risking not progressing with the times, utilising new tech, ‘keeping up with the Jones’s’ and losing business to the competition. ‘Cyber Security remains a top priority for the government as it is central not only to our national security, but also fundamental to becoming the world’s best digital economy’ – quite a statement from Given the inherent nature of cyber threats to a digital economy, such a capability gap is not sustainable. So, what can organisations do to combat it? What can they do to stay ahead of the curve?

Re-examine your security posture and workforce strategy.

Understanding your current environment will enable you to close the gap and you should consider some of the questions below;

–          Do you know what skills you need today to run a successful security program?

–          Are your current Cyber Security professionals being utilised to their maximum potential?

–          Do they have the bandwidth to match your lines of defence to best industry practice or are the simply fighting fires?

–          What do you need from a resource perspective tomorrow?

–          Can technology assist to reduce your overhead?

–          Do you need an independent review to help identify, prioritise and position your needs and create a basis for your strategy?

Build the right team and adjust your hiring efforts based on the requirement.

Once you have identified the level and blend of skills you need, you are then able to prepare a recruitment plan. Engage core skills for core business elements around technology, compliance, threat, breach, sales, marketing etc. Ensure that if cyber specialisation is required, hire from an organisation that specialises in providing talent from that market. For those that are more niche and required on a short medium term or ad-hoc basis, consider alternative routes.

Increase your reach to get the best skills

One size does not fit all, and resourcing companies cannot necessarily offer you a one stop shop for all your needs, therefore establish good relationships with two or three outsources for both your permanent, and short-term specialist skill requirements.  For more niche skills such as cyber integration with other parts of the business infrastructure – dev ops, cloud transition, risk etc, source experienced specialist consultants who have real-world hands-on know-how of these unique projects.  Hard to come by, and in high demand, but find the right organisations to reduce the headache of finding and employing these rare skills yourself, so you can continue with business as usual..

Retain the team.

I’ve seen Richard Branson’s quote on LinkedIn a number of times, that rings true in this scenario ‘Train people well enough so they can leave. Treat them well enough so they don’t want to’. People are still one of the biggest threats to any organisation, so to continue to protect your business and retain good staff.  Don’t let the good ones get away, especially if you have invested in technical training for them, but also protect your company form security breaches.  Provide a good platform-based training program that utilises AI to adapt to your environment imparting   knowledge on best-security practice to the wider workforce.  Knowledge is power, allowing you to both grow and protect your business.


The increased demand for Cyber Security professionals with specific skills, at least in the short to medium term, will carry on increasing as companies continue to face the need to secure their environment, whilst introducing new and innovative technologies.

Utilising this agile model, you can not only ensure you are beating the skills shortage by increasing access to the skills that are out there, but you are moving to a more consumption based flexible resourcing. I have seen this approach from a number of our clients, and it is paying dividends in terms of increased staff utilisation, increased threat protection, financial flexibility, administration reduction and ultimately more choice.

By Kathryn Miller, CBG


Contact our team of Cyber Security Experts to find out more about how CBG can help your organisation?

Related Articles: Cyber Awareness – One Size Doesn’t Fit All