UK cyber skills gap grows 29% despite record hiring
93% of UK cybersecurity professionals report a shortfall
A new report by ISC2 has found that the UK cybersecurity workforce is still falling far short of demand, with a record gap of 73,439, up 29.3% year-on-year.
This is despite the number of people working in cybersecurity rising to an all-time high of 367,300 - an 8.3% increase from 2022.
ISC2, a non-profit member organisation for cybersecurity professionals, produces a report on global trends in cybersecurity every year. The 2023 ISC2 Cybersecurity Workforce Study, shows that cyberskills remain at a premium in all countries surveyed, not just the UK.
However, economic uncertainty had a bigger impact in the UK this year than the global average. Fifty-seven per cent of companies in this country said they faced cutbacks, including layoffs, hiring freezes and budget cuts, compared to 47% globally. Cutbacks were more likely to include job losses in the UK in 2024, with 77% of UK respondents predicting layoffs, compared to 70% globally.
A massive 93% of UK cybersecurity professionals surveyed reported skills gaps at their organisations, especially in key areas like cloud security, zero trust and AI/ML. Sixty-percent complained cuts had reduced their defensive capabilities.
In the face of the severe shortages, organisations are offering flexible conditions (71%), training (70%), diversity initiatives (69%), and certifications (64%). Problem-solving skills and curiosity are most valued along with communication abilities.
Among other findings, training budget cuts were mentioned by 35% of the respondents, with a similar figure reported by the global cohort (34%). Meanwhile, diversity and inclusion (DEI) efforts were slightly ahead in the UK.
ISC2 CEO Clar Rosso said organisations must invest in both new and existing talent to equip teams against an increasingly complex threat landscape.
"While we celebrate the record number of new cybersecurity professionals entering the field, the pressing reality is that we must double this workforce to adequately protect organisations and their critical assets," she said in a statement.
"Amid the current threat landscape, which is the most complex and sophisticated it has ever been, the escalating challenges facing cybersecurity professionals underscore the urgency of our message: organisations must invest in their teams, both in terms of new talent and existing staff, equipping them with the essential skills to navigate the constantly evolving threat landscape. It is the only way to ensure a resilient profession that can strengthen our collective security."
The study surveyed 14,865 global cybersecurity practitioners, including 986 UK respondents, in April and May 2023.