Cyber skills gap prevails, UK firms rely on outsourcing

While the skills gap for tech-related professionals continues to widen, 90 per cent of UK firms find a solution to this in external managed providers. 

According to Neustar International Security Council (NISC), an exclusive association for cybersecurity professionals, nearly nine-tenths (89%) of security professionals who were polled said their organizations had somewhat (45%) or greatly (44%) increased their reliance on external providers due to the ongoing talent shortage.

And this trend is pushing firms to seek cybersecurity professionals through either outsourcing or offshoring. The survey conducted by NISC revealed that these organizations are seeking to hire individuals with cloud security skills (64%), followed by network operations skills (55%) and risk management and application development security skills (both 51%), while fewer than three in ten respondents (28%) said they were actively seeking to hire for DevSecOps skills.

The respondents agree that the persistent talent shortage in the cyber security industry hinders their organizations from ensuring that they are answering the new security demands in this field. The majority at 85% say the accelerating digitalization is creating a more difficult security environment for their organizations. And although the vast majority (92%) acknowledged that implementing a digital initiative without fully understanding or addressing potential security challenges is a mistake, more than half (56%) said their organization had rushed to implement a digital initiative anyway.

Surprising revelation

Senior Vice President of NICS Carlos Morales said that the survey they ran did have one surprising revelation. 

“Considering that both the enterprise technology environment and the general threat landscape are changing so rapidly, we did not expect such a large majority of respondents — 86%— to state that they understood the security risks to their organization as well as they did two years ago,” he said

“Whether the past few years have presented as an acceleration of existing trends or a systemic, foundational shift, security and IT organizations feel they have what they need to maintain active awareness of their risk exposure and emerging threats – thanks in part to an increased reliance on the trusted external partners protecting their infrastructure, data and people.

The NISC survey was carried out in March 2022 and reflects respondents’ activity and concerns during January and February 2022.

Read more here.