200 cyber experts have their say: Technical expertise not enough when hiring cyber talent


Published: 4 July, 2019

Two of the top five cyber security challenges organisations face trace back to the acute cyber security talent gap: a lack of in-house expertise and difficulty finding the right talent. That’s the view of over 200 cyber security professionals and business leaders who shared their insights in a new report released by recruiting experts Hays, the Cyber Security Talent Report.

The survey also found that 61% of respondents said it is ‘difficult’ or ‘very difficult’ to recruit cyber security talent while only one-half believe they are ‘capable’ or ‘extremely capable’ of developing and retaining cyber security talent.

“The need for cyber security professionals is far outpacing the number of qualified candidates and this will only continue to escalate with the increasing sophistication of threats to Australian and New Zealand businesses,” says Adam Shapley, Managing Director at Hays Information Technology.

“In a highly competitive market, organisations must also implement strategies to retain and develop their cyber security talent if they are to effectively overcome the cyber security skills shortage.”

The good news is that the talent shortage has created strong job opportunities for those interested in pursuing a career in the industry, and job seekers do not necessarily need to possess highly technical skills to be successful.

“Employers realise they need to keep an open mind when writing their selection criteria and reviewing candidates. People with strong soft skills and a background in IT can be upskilled into cyber security,” says Adam.

Nick Baty, Chief Security Advisor, Ministry of Health New Zealand echoes a similar perspective in the report. “A lot of people think you need to have a technical background or an IT degree to work in the cyber security field,” he says.

“I didn’t come from a technical background with formal training, but I gained the skills and knowledge from the intelligent people around me.”

Hays also found that 56% of organisations access cyber security talent by upskilling existing IT staff. Peter Frochtenicht, National Manager – Security and Compliance at NEC Australia, says in the report that when recruiting talent, he often upskills internal staff. Peter says, “I look for someone who is easy to manage, a self-starter that can do the job regardless of any industry certifications. If a person has a ‘can-do’ attitude, I know I can work with them and train them up very quickly.”

In other findings:

  • 48% said that their organisation’s cyber security team is insourced, while 40% utilise both insourced and outsourced talent
  • One-half (52% and 54% respectively) of organisations surveyed believe they are ‘capable’ or ‘extremely capable’ of developing and retaining cyber security talent
  • Only 22% of organisations are collaborating with other organisations in industry training or development programmes to assist in overcoming the cyber security talent gap
  • 58% believe that support of management to deliver on cyber security initiatives is the most important factor when attracting cyber security professionals. This is followed by the offering of competitive or industry leading salary and benefits (43%) and the organisation being innovative and using the latest technologies (42%)

Access the full cyber security report here

press release about us

About Hays

Hays, the world’s leading recruiting experts in qualified, professional and skilled people.

Hays is the most followed recruitment agency on LinkedIn. Follow Hays and join our growing network.



Get expert advice, insights and the latest recruitment news by following us @HaysAustralia