Talent Acquisition

Why Hacker Threats Have Created a Boom in Cybersecurity Recruitment

With cyber-attacks increasing across the world, so does the demand for cyber-security jobs. In an uncertain world, hackers are outpacing government and corporate defences, and one of the main reasons is poor cybersecurity. The global cybersecurity skills shortage has left many companies and nations vulnerable to attacks.

A reported 86% of global business and IT professionals believe there is a shortage of cybersecurity professionals. These are the conclusions of the 2015 Global Cybersecurity Status Report by the ISACA. The global shortage has created an immediate risk to corporations and governments, many of whom are vulnerable to hacking because of their inadequate defences. Unsurprisingly, hackers are deliberately targeting organisations who don’t have the cyber professionals to keep them safe.

Cyber skills shortage

From Singapore to San Francisco, there are currently not enough candidates with the cyber skills to keep our economies safe from hackers. An Intel Security report revealed that 82% of eight major economies have complained of a cybersecurity skills shortage.

In response to the cyber skills crisis, there is a growing demand for candidates who can oversee intrusion detection, secure software development, and attack mitigation. With the current skills shortage unlikely to be reversed anytime soon, the demand for cybersecurity professionals is expected to grow by 53% by 2018.

Cybersecurity investment

The global financial sector has been looking to increase their cybersecurity apparatus for years now, with banks three times more likely to be targeted by hackers than non-financial institutions. According to Intel Security, five banks alone have spent more than $1.5 billion on cybersecurity. The financial sector spends more on cybersecurity products and services than any other private sector industry, and this boom will only increase the demand for more security engineers and analysts.

Peter Kelly, Senior Principal at Computer Futures:

Cybersecurity is obviously an immediate threat to all businesses, of all shapes and sizes. This immediacy to act before it is too late has seen an increased demand for security professionals with our customers and is growing on a weekly basis across the globe, where Computer Futures has expanded its cyberSecurity offering to supply Europe, America, Japan and Singapore.

The main issue we are finding is that there is a lack of experienced cybersecurity professionals on the market to fill pivotal roles and current students studying the necessary qualifications will not get the relevant experience to be qualified and considered for such roles, for a few more years. This is why we are working with educational and professional bodies to help alleviate the skills shortages in these business critical roles.

Recruitment opportunities

According to Peninsula Press analysis of the US Bureau of Labor statistics, more than 209,000 cybersecurity jobs in the United States are currently vacant, and job adverts have risen by 74% in the past five years. In short, the cybersecurity market job market is booming, and recruiters have a lucrative opportunity to place candidates, if they can find them.

The growing demand for cyber experts is ensuring that information security is one of the best paid jobs in the US. Cybersecurity jobs in the United States pay an average of $6,500 more than other IT professions. The premium for technical skills in this field is currently valued higher than management and communication ability.

Recruiters who can successfully place candidates in this field will be handsomely rewarded. In the United States, the highest paying cybersecurity job for a lead software engineer is $233k per year. This is nearly $8,000 more annually than a chief information security officer (CISO) salary, which has traditionally been a role with far greater managerial responsibilities.

With the low number of cybersecurity candidates, the top five average salaries in the US currently ranges from $178k to $233k and demand is expected to grow well into the 2020s. Such is the cybersecurity skills scarcity, the value of salaries in Western economies has grown by at least 2.7 times the average wage.

Will demand drop in future?

There is no evidence to suggest the cybersecurity market will slow down anytime soon. Cyberattacks are becoming more prevalent and harmful, and no organisation will ever be immune to attacks. With the advent of the Internet of Things (IoT), the potential for hackers to infiltrate and disrupt organisations will only further increase the demand for cybersecurity.

Recruiters therefore have a huge opportunity to search and place candidates in cybersecurity roles. Cybersecurity recruitment is going to be the first line of defence, and to prevent attacks, you need a robust recruitment strategy – and for that, you need a specialist cybersecurity agency.

Modis and Stott and May are two recruitment agencies specialising in this area. With experienced candidates in short supply, it will take a gifted recruiter to prize away a leading candidate from a big company.

In response to the cyber skills shortage, Stott and May have their own in-house ‘Centre of Excellence’, where every consultant receives specialist training in cybersecurity. This centre helps ensure their staff can place highly skilled candidates that companies and organisations desperately need.

Adam Hawkins, Managing Director, Modis;

2016 saw a shift within cybersecurity hiring. Traditional contract roles, such as Analysts & Penetration Testers, were still high on the demand scale but we saw a considerable increase in Corporate organisations moving away from hiring solely on a contract basis. Our clients are recognising the need for a consistent, long term security strategy; with many CROs and CIOs ensuring cybersecurity is a focused division within their organisations.

This has resulted in a large increase in the demand of permanent cyber professionals from Analyst to Architect level. With permanent candidates demanding salaries of over 25% more than other skilled ICT professions due to the increasing skill shortage and the historic desire for cyber professionals to work on a contract basis.

In 2017, the war for talent will be fierce; we only envisage the skills gap widening and the upward demand trend of permanent cyber roles continuing. Cybersecurity candidates can be found in IT departments, startups or even the military. For recruiters to place cybersecurity staff, they will need to develop a comprehensive network of contacts and resources to succeed.

The United States in particular will have to fill 100,000s of cybersecurity roles over the next decade. To meet the demand, the recruitment options include cross-training existing IT staff and getting undergraduates into cybersecurity training courses, or importing candidates from other countries.

With more universities, colleges and companies investing in this field, there has never been a more lucrative time for recruiters to source a cybersecurity candidate. Whatever solution recruiters embrace, there is no doubt that cybersecurity is a key battleground for all major companies, and reducing the skills gap will be a matter of critical importance in the months and years ahead.

By Jörgen Sundberg

Founder of Undercover Recruiter & CEO of Link Humans, home of The Employer Brand Index.