The cyber security skills gap is getting worse

The UK’s skills gap is hitting cyber security the hardest.

How to stop the cyber security skills gap getting even worse

cyber theives try to break into a smartphone

The UK is suffering from a serious skills shortage, and it's hitting cyber security the hardest.  

We've had a lack of skills in cyber security for years, and the issue's only getting bigger. Since 2014, the number of organisations reporting a problematic skills shortage has more than doubled from 23% to 51%. And by 2021, it's predicted we'll have a global shortfall of 3.5 million cyber security jobs. 

The industry clearly has a problem with supply and demand – and it's affecting companies large and small. We all remember last year's malware attack on the NHS that affected computers in nearly 100 countries, and the attack at Uber that leaked the data of 57 million users. Cyber attacks are getting more serious, and are now the fourth-largest threat to UK business.  

With so much at stake, you'd think we'd be doing everything to recruit, train and retain as many cyber security pros as possible. Well, it's not as simple as that. There are loads of factors affecting the shortage:  


Since Brexit, we've seen a record drop in EU migration to the UK, while the number of EU citizens leaving the UK (130,000) is at a 10-year high – which isn't helping the matter. We clearly need more skilled workers, but as employers face continued uncertainty, many are starting to move their security functions overseas.  


Many employers are training their staff in specific products, rather than wider security frameworks, so staff aren’t getting the transferable skills they need. This means experienced cybersecs spend most of their time dealing with emergencies, instead of planning for the future or training staff. 


Ironically, tech teams aren’t investing in the technology they need to manage processes. Tech like artificial intelligence, automation and analytics can speed up security processes and take some of the pressure off staff.  

So what's the solution?  

It's time to rethink education. Employers need to take control and invest – either in training new staff or upskilling existing ones. And training providers need to make sure programmes are well-rounded and delivered to high standards.  

Apprenticeships are the perfect way to achieve this. Most cyber security apprenticeships are high level programmes – equivalent to a degree – and cover a range technical skills and knowledge. Employers are very involved in the training process – they can help write the programme, mentor their apprentices, teach them in-house skills – and even use their apprenticeship levy to pay for training.  

Apprenticeships can be used to train new recruits or existing staff, so businesses can build their own expertise in-house. And there's never been a better time to hire an apprentice. There are apprenticeships available in cyber risk management, cyber security and security analysis – and there's more funding available now too. 

The solution is simple. If you're struggling to find the skills you need, hire an apprentice and train them in-house.  


Download our free guide to find out everything you need to know about hiring a cyber security apprentice – from how to recruit, how to deliver, how to fund and how to make apprenticeships easy.  

Download guide

This article includes research and opinion sourced by OneFile at the time of publication. Things may have changed since then,
so this research is to be used at the reader's discretion. OneFile is not liable for any action taken based on this research.