Findings from a recent report have revealed that despite efforts, the cyber security skills gap is still continuing to grow.
The survey from Capgemini found that only 43% of workers within an organisation have the necessary cyber security skills needed to carry out their jobs. Capgemini’s report found also that cyber security represents the skill with the biggest gap between demand and internal supply, compared with analytics and innovation.
Across organisations, the majority (68%) reported high demand for cyber security skills compared to 61% demanding innovation skills and 64% looking for analytics skills. These figures were analysed against the skills available in the business already, revealing that only 43% of organisations had the necessary cyber security skills to meet demand. In comparison, 51% had the needed amount of skills for analytics and 40% for innovation skills.
“The cyber security skills gap has a very real effect on organizations in every sector,” says Mike Turner, Chief Operating Officer of Capgemini’s Cyber security Global Service Line. “Spending months rather than weeks looking for suitable candidates is not only inefficient it also leaves organizations dangerously exposed to rising incidents of cybercrime. Business leaders must urgently rethink how they recruit and retain talent, particularly if they wish to maximize the benefits from investment in digital transformation.”
Furthermore, the demand for the security skills within an organisation is only expected to increase according to Capgemini. Over the next two-three years 72% of respondents predict high demand for cyber skills, compared to 68% today.
In order to tackle the growing gap, Capgemini outlined four suggestions that businesses should focus on to ensure skills are developed. These include integrating security into the business, ensuring that the culture of the business mirrors the principles of cyber security.
“Get the basics right, in terms of application development. It is important to make the organisations as a whole better at cyber security, aligning the enterprise with principles and processes that are secure from the ground up,” said Turner.
The second suggestion is to maximise existing skills, instead of always recruiting externally businesses should develop the skills of existing employees. Thirdly, organisations must think outside the box and think beyond normal recruitment strategies.
Capgemini’s final suggestion is strengthening retention, which is particularly interesting to see how workers are driven within organisations. From the 81% of cyber security talent Capgemini surveyed, respondents said they favour an organisation with clear development paths and flexible working to progress themselves and their job roles.
Therefore, in order to retain the cyber security workers they already have organisations should look at incentives for workers because the survey found those with better work prospects look to stay longer. Those that feel demotivated at work tend to leave, which will only widen the gap further.
The report surveyed over 1,200 senior executives and front-line employees, as well as analysing social media sentiment of over 8,000 cyber security employees.