European companies are poised to step up their recruitment of cybersecurity experts over the next 12 months, according to the latest release from the 2017 Global Information Security Workforce Study (GISWS).
It found that nearly 40% of firms polled plan to expand their cybersecurity teams by at least 15% over the next 12 months, suggesting that demand will increasingly outstrip available talent. The study suggests that by 2022, Europe could face a shortfall of up to 350,000 cybersecurity professionals.
The latest biennial study, issued since 2004 and conducted by business consultant and market researcher Frost & Sullivan on behalf of the non-profit Center for Cyber Safety and Education (Center) and (ISC)2, the information security certification body canvassed opinion from over 19,600 information security professionals from 170 countries on trends and issues affecting their profession and careers.
The 2017 GISWS finds that 92% of hiring managers admit to prioritising previous cyber security experience when choosing candidates, and that most recruitment comes from their own professional networks. Primary sources of recruitment are their social and professional networks, cited by 48% of hiring managers, followed by their organisation’s human resources (HR) department (47%).
Globally, the survey finds that strong recruitment targets, a shortage of talent, and disincentives to invest in training are contributing to the skills shortage, with 70% of employers across the 170 countries studied looking to increase the size of their cybersecurity staff this year.
Rising demand is set against a background of security concerns that continue to steadily develop, with the threat of data exposure clearly identified as the top security concern among professionals around the world.
“It’s unsurprising, but hugely encouraging that European businesses are looking to bolster their cybersecurity skills,” said Rob Norris, vice president head of enterprise and cyber security for Europe, the Middle East, India and Africa (EMEIA), Fujitsu.
“Recent, large-scale breaches have shown just how devastating these attacks can be, not only for a company’s reputation but for its bottom line as well.
“As a result, European businesses face fierce competition for hiring cybersecurity professionals, and must implement smart talent strategies. Business leaders should work with IT departments to identify the cyber security skills required in-house; then, organisations can use both targeted recruitment and the upskilling of existing employees in parallel to bring this about.
“Businesses can also work with outside providers to supplement their cybersecurity capability, and ensure that they stay ahead of the latest threats. And last but not least, businesses must remember that right now, every employee is at the front line in the fight against cyber criminals.
“The whole workforce should be educated in key principles of cybersecurity to help to prevent attacks from taking place. That way, European businesses can work around the cybersecurity skills shortage and ensure that they are as safe as possible from the ever-growing threat of cybercrime.”
When it comes to the relationship between Europe and Britain – uniformity isn’t a word that currently springs to mind. And that’s not just a reference to Brexit. Whilst the Europe and Britain do find themselves in the midst of a political break-up – their monetary policies are also showing signs of divergence.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.
For companies to survive the intense competition, the only way is to make better use of information gathered from the business process.