The online security conundrum: an acute skills shortage amid increasing needs

Cyber security is one of the world’s fast-growing industries, set to register growth of 10 per cent annually to reach over U.S.$202 billion by 2020 (according to Markets and Markets research). However, the sector is currently plagued by a lack of qualified experts.

Banks under threat

Following a spat of cybercrime incidents increasing in frequency, Cherif Sleiman, Vice President, EMEA, at IT automation and security company Infoblox, paints a very bleak picture of the situation. “Ransomware is massively increasing in popularity – with criminals seeing a greater return on ransom, over the smash and grab approach to cybercrime. The WannaCry attack was largely reported as the world’s largest ransomware attack, but Petya, the latest attack indicates that, only a month on, it’s possible that the trend is only set to grow,” he remarks.

The Financial Institutions Security Risks research from cyber security consultancy Kaspersky Lab and B2B International shows that banks and financial institutions are ramping up security investment more than any other sector. “Suffering from attacks both on their own infrastructure and on their customers, retail banks spend three times as much on IT security as comparably sized non-financial institutions. Moreover, 64 per cent of banks admit that they will invest in improving their IT security regardless of the return-on-investment, in order to meet the growing demands of government regulators, top management and even their customers,” the report says.

Kaspersky Lab notes that a cyber security incident involving a bank’s online banking services will, on average, cost the organisation U.S.$1.75 million. However, it will also hit in ways that are harder to quantify such as data loss; damage of brand/company reputation; leakage of confidential information; etc. “In the banking sector reputation is everything, and security goes hand-in-hand with this,” says Kirill Ilganaev, head of Kaspersky DDoS protection. “If a bank’s online services come under attack, it is very difficult for customers to trust that bank with their money, so it’s easy to see why an attack could be so crippling.”

An acute skills shortage

Meanwhile the global cyber security workforce gap is expanding and there will be than 1.8 million unfilled positions in the sector by 2022, a report from Frost & Sullivan and (ISC)2 found.

My colleague Emma Neville, Senior Recruitment Consultant at Hays Australia has seen an increase in the need for security experts in the sector recently. “Over the last 6 – 12 months there has been a steady increase in the demand for security resources in the financial sector. The banking and financial services industry has the highest rate of malicious cyber incidence in the private sector. The digitalisation of banking, along with the vast amount of confidential data that banks hold, makes financial organisations a very attractive target of cybercrime. As the systems and information of banks are persistently targeted by cyber threats, security has been a top priority, which has led to increased spending on security initiatives and the demand for security experts.

Security Architects in demand

Emma says she has seen a rise in demand for security candidates across all levels, but that there has been a significant increase in roles for security architects, particularly with a focus on digital and cloud technologies. “A major focus has been on securing talent with an understanding of the banking domain: people who understand and can speak with the business. In such a heavily regulated industry there is an ongoing demand for governance, risk and compliance resources.”

The demand should therefore increase considerably according to Emma. “All of our major banking clients are speaking to us about security professionals. In a landscape changed by finance technology and marked by more competition there will only be more threats.”

Emma notes that security professionals already command attractive day rates, and if that the shortage of skills perseveres, rates will increase further. “As clients look to secure security experts on a permanent basis there will be a corresponding impact on salaries. Like most roles however, remuneration is only one factor, and candidates will also be interested in the scope of work the organisation is undertaking and the culture of the organisation.”

If you found this blog helpful, you may also enjoy the below:

• Can your business stay ahead of digital transformations?
• Four reasons machines will not replace humans at work
• Is your IT team ready for the robots?
• Why and how to hire when times get tough
• Could you help reduce the digital skills deficit?

Author

Carl Piesse

Regional Director, Financial Services

Linkedin

Joining Hays Recruitment in the UK, Carl spent three years recruiting across the financial services market in London before joining the Australian business in 2003. After managing multiple specialist teams across various divisions, as well as recruiting extensively across wealth and financial planning, Carl currently takes a lead role across our Banking and Financial Services team in NSW.

As Regional Director, his responsibilities cover both the operational and strategic aspects required to continue growth within this sector. This includes overseeing the service delivery to many of our highest profile clients where Carl is recognised for establishing strong relationships and delivering an excellent service.