relif - STOCK.ADOBE.COM

People with non-IT backgrounds could help fill cyber security skills gap

Organisations should look to fill cyber security roles with people who are curious and have work experience rather than focusing solely on graduates

Senior IT security professionals do not think a university degree is essential for a successful career in cyber security.

In fact, the survey of 200 senior IT security professionals in the UK, commissioned by MWR InfoSecurity, revealed that 46% consider curiosity a required core skill, while 34% cite on-the-job experience as key.

Half of the respondents said salary and culture were “very important” or “important” criteria for potential recruits when they chose an employer.

The survey revealed that 49% of respondents viewed the UK as a top five country in terms of cyber security, while 46% rated the UK as average. 

Dave Chismon, senior researcher at MWR InfoSecurity, said the survey offered insight into what those in charge of security at organisations believe would address the skills gap.

“As well as widening their applicant pools, companies looking to recruit top cyber security talent would do well to consider the importance of company culture in attracting new security recruits,” he said.

Read more about cyber security skills

  • A failure to include women in cyber security recruitment campaigns, the continued focus on technical skills, and a gender pay gap are exacerbating the cyber security skills shortage, say experts.
  • The global shortage of cyber security professionals appears to be worsening, with the latest figures suggesting 1.8 million information security-related roles will remain unfilled worldwide by 2022.
  • As hackers grab headlines, CISO jobs get hot. Now cloud providers are looking for a nuanced brand of IT talent.

Chris Batten, managing director of cyber security recruitment company Acumin, said security positions could stay vacant for months, sometimes years, if employers failed to attract the right candidates.

“Those employers that are able to attract a wide range of competences when building their cyber security teams are not only able to recruit and retain staff more easily, but also, in marketing the profession and their business more broadly, they attract candidates from a diverse segment of the workforce.”

Data released by global job site Indeed in January 2017 found that UK businesses could be at increased risk of cyber attack due to a severe shortage of cyber security expertise. The research revealed that the while the number of cyber security roles advertised in the UK was the third highest in the world, employer demand exceeded candidate interest by more than three times.

IT apprenticeships could go some way to addressing the skills shortage by allowing participants to study while gaining hands-on experience. They could also open up entry into the cyber security sector to people who might not have the traditional background associated with it, but offer the curiosity and on-the-job experience the MWR survey found to be important.

Read more on IT education and training