The UK’s shortage of skilled cyber security professionals, highlighted in a recent government report, is a priority challenge, according to industry experts. The Department for Science, Innovation and Technology report found that approximately half of all UK companies with cyber security employees lack the necessary skills. 

The cyber security skills gap remains a challenge for companies as more employers actively compete for talent. Alongside the skills gap, the UK is facing a cyber skills shortage, with a lack of people available to work in cyber security job roles. 

The report suggested a little over 160,000 cyber security jobs advertised last year, a 30% increase from the previous year. Employers highlighted that 37% of these roles were difficult to fill. The report estimated that the UK has a shortfall of over 11,000 people required to meet the requirements of the cyber workforce.

Diversity in the cyber security industry also continues to be a challenge. The latest data indicates that 17% of the cyber workforce is female, a decline from 22% in 2022. The report highlights that 14% of senior roles are held by women. Businesses must adopt a broader D&I strategy for cyber security and beyond. The government has focused on improving the number and diversity of skilled people in the cyber security market. The £2.6 billion National Cyber Strategy included measures to support young people developing cyber and tech skills and pursue subjects like computer science, developing the skills required for cyber and tech careers. 

The report identifies the extent of the cyber security skills gap and the existing shortages in the UK. The data identifies the challenges companies face in hiring and training cyber staff and the barriers individuals entering the industry may experience in pursuing the necessary career and training pathways. 

The study provides a clear picture of the supply and demand side of the UK cyber skills gap and how the cyber security workforce is evolving. The main findings from the latest report include:

-The demand for cyber security professionals is rising rapidly. In the last year, there has been an increase in job postings, with core cyber job postings increasing by 33% and other general cyber roles rising by 30%. Recruiters and employers highlighted that the cyber job market remains very competitive.

-There has been an increase in advertised positions performed remotely, which could impact the cyber workforce over the coming years. The workforce could become more dispersed, and hiring candidates from additional locations may enable the recruitment of more diverse candidates. The study suggests that 28% of job postings for general cyber roles had no specific location listed. If the cyber market continues to be candidate-driven, we may see a continued rise in remote working.

-Training and development continue to present a challenge for employers. The research emphasises the importance of training and development in securing the best talent. However, once individuals achieve the necessary skills, they become more valuable and could move to higher-paying roles. This caution to training employees to see them move to another company is a potential barrier to upskilling employees and taking on candidates at the entry-level.

-Diversity of the workforce and expanding the talent pool in cyber remains a priority. The latest study shows diversity levels have remained relatively consistent, and while some employers have made progress on diversity, much remains to be done. A lack of diverse candidates remains a priority for most companies. The gender gap for cyber security courses is still significant, with 12% of female graduates at the undergrad level and 23% at post-grad. 

-There has been a positive response to the UK Cyber Security Council’s Career Route Map, but general awareness remains relatively low. The Career Route Map, now the Cyber Career Framework, will play a critical role in shaping the understanding of the various career pathways within the cybersecurity market.

‍