In the light of GKA’s recently announced partnership with Bletchley Park Qufaro to jointly develop and deliver cyber security apprenticeships, it’s timely to look at why the demand for cybersecurity skills shows no sign of abating.
High profile data breaches
Seldom does a week go by without a major data breach being reported as businesses struggle to secure their valuable data against an ever-growing range of threats. In fact, there were more data breaches last year than any year on record, and that trend shows no signs of slowing down.
The list of businesses hit by data breaches in recent months reads like a who’s who of leading UK brands, including:
- British Airways suffered a sophisticated data breach affecting around 380,000 customers using its website and mobile app.
- Dixons Carphone had 10 million customer accounts compromised as the result of a highly publicised breach.
- Ticketmaster UK admitted that up to 5% of its global customer base, outside of the USA, had their personal details and payment details compromised as part of an attack on a third party the company used.
A number of recent surveys also confirm the level of threats posed. For example, the 2018 Cyber Security Breaches Survey found that 43% of businesses had reported cybersecurity breaches or attacks in the last 12 months, with this figure rising to 72% among large businesses.
Reputational and financial damage
The most common breaches or attacks involved fraudulent emails, attempts by scammers to impersonate the organisation online and viruses and malware. The results include files temporarily or permanently lost, software or systems corrupted, websites slowed or taken down and money, assets and intellectual property stolen.
All of these factors have an impact upon businesses involved, either in terms of serious commercial losses or reputational damage. No wonder then that organisations are so keen to ensure that their cyber defences are up to the task – the alternative may be going out of business!
Cyber skills shortages
The result of the growing cyber threats outlined above has been a serious shortage of cybersecurity professionals.
Everywhere you look, reports and research confirm this shortfall in skills. For instance, ISACA (a global IT governance association) claims that almost three in five (59%) of organisations have unfilled cyber or information security positions. To add to their difficulties, more than half (54%) say that it takes three months or more to fill such a position.
Elsewhere, research by the respected Capgemini Digital Transformation Institute found that of the skills required by businesses to support digital transformation, cyber security skills are most in demand but with the least internal supply. Almost 70% of the organisations polled claimed they were in need of cyber security skills, but only 43% claimed such skills were already present in the company.
And looking further forward, figures from the Global Information Security Workforce study indicate there could be around 100,000 unfilled cybersecurity jobs in the UK by 2022.
The GDPR ‘influence’
The EU’s General Data Protection Regulation (GDPR) has forced many businesses to improve their data protection practices. This is because the Europe-wide regulation threatens businesses with tough fines if they fail to meet data compliance and reporting standards. All of which has resulted in a surge in demand for data protection professionals.
Typical cybersecurity roles
Given the range of opportunities and continued levels of demand, it’s never been more timely to consider moving into the cybersecurity industry. So, what are the typical jobs found in a cybersecurity team? Obviously, these can vary from business to business but here are examples of some of the more common roles:
- Security officer – an entry level role that provides support for the security procedures and software in place on a day-to-day basis
- Security analyst – responsible for ensuring an organisation’s networks and systems are able to protect themselves against malicious attacks and to respond to threats in a timely fashion
- Security engineer – the focus here is on the design of security systems
- Security architect – responsible for updating and maintaining an organisation’s security programs and/or infrastructure
- Penetration tester – a specialist role involved in locating flaws in code and security software through robust testing
- Data protection officer – oversees data protection strategies and ensures that the organisation complies with all GDPR requirements
- Chief information security officer – responsible for defining the organisation’s security operations, including strategies, policies and procedures
One key point to note is the clear path for career development that many businesses offer within their cybersecurity teams.
A well-designed apprenticeship programme can do much to close the skills gap by enabling businesses to build their own cybersecurity talent. To find out more about the GKA and Bletchley Park Qufaro initiative click here.
European Product Manager