Organisations battle to attract cyber security talent amid increased risks

a girl with glasses working on her computer
 
Published: 18 March, 2024
 
  • 61% of organisations do not rate their ability to attract cyber security talent highly.
  • 62% of organisations don’t have a talent development programme.
  • 89% of respondents are concerned about the potential risks of Artificial Intelligence (AI) threats.
The 2024 Global Cyber Security Report, recently published by Hays - the world’s specialist leader in workforce solutions and recruitment, sheds light on the critical challenges facing organisations as they compete for talent in a skill short market. Despite this, most organisations are neglecting essential training investments required to nurture talent. Additionally, they perceive artificial intelligence (AI) as both a threat and an opportunity.
 
The risks to organisations are increasing as technology continues to advance at an unprecedented rate. Cybercrime is one of the greatest risks facing organisations worldwide, as it is estimated cyberattacks will cost the world $9.5 trillion in 2024.
 

Organisation are struggling to attract and retain crucial talent 

More than half of respondents (61%) are struggling to attract the right talent, which is due to the shortage of available skilled workers in today’s talent pool. Over half (61%) of those who stated they are struggling to attract and retain talent, said that a lack of skilled candidates is a major factor.
 
As demand continues to outstrip supply, cyber security professionals can command salaries which many employers cannot meet. In 2023 almost half of employers (44%) froze salaries for existing or new members of their security workforce, while just 17% of respondents were able to offer a pay rise above 10%. In response to these challenges, employers are looking beyond salary increases to attract cyber talent. Remote and hybrid working opportunities, as well as greater flexibility, are becoming increasingly important.
 

Organisations are failing to invest in necessary training and development programmes

As experienced cyber security experts come at a premium, the development of non-traditional talent, through the recruitment or reskilling of talent with transferable skills, is essential for organisations. However, the report reveals 62% of respondents think their employer doesn’t currently have an in-house talent development programme to grow their cyber security workforce. The report reveals that 73% of organisations invest 5% or less of their cyber security budget into talent development.
 

Headcount and investment remain a critical issue

Over half of respondents reported their cyber security teams grew in 2023, however, investment in headcount remains to be a main area of concern for cyber security leaders. 
The report reveals that majority cyber security leaders are more concerned about their budgets than 12 months ago, 72% in 2024, up from 68% last year. This is despite 54% of this year’s respondents expecting an increase in their spending allocation, which is up from 46% in 2023.
 

AI is seen as a potential threat and opportunity

The report findings highlight that many cyber security leaders see AI as a risk, as well as a potential solution. Nearly nine out of ten (89%) are concerned about the potential risks of AI threats. This compares with 89% who believe that AI will prove useful in improving security capabilities.
 
Organisations are split on whether AI can effectively replace cyber security talent, as 44% don’t believe AI will impact headcount. While over half of respondents (57%) stated they will have trained their cyber security workforce to use AI tools within the next year. 
 
James Milligan, Global Head of Technology Solutions at Hays, said, “In order tackle cybercrime, organisations need to make the most of technology and attract and retain talent with the right skills. There are an estimated 3.5 million cyber security vacancies worldwide, however, there is an insufficient number of experienced workers, and cyber security professionals are struggling to keep their skills up to date.”
 
“The report highlights that while there are plenty of consumers of talent, there are not enough creators. A pipeline of cyber security talent needs to be developed to solve tomorrow’s challenges. Organisations need to develop training strategies to ensure sustainable success and consider non-traditional cyber talent, such as individuals without formal education or experience. Employers also cited training opportunities as one of the best measures to attract talent and retain staff, alongside offering flexibility and remote working opportunities. These need to be taken into consideration when devising attraction and retention strategies.”
 
- Ends - 
 
The Hays Global Cyber Security Report 2024 was completed in late 2023 and features the insights of over 1,000 cyber security leaders, from across 47 countries. The report explores how cyber security leaders are currently approaching recruitment and retention strategies for qualified cyber staff, as well as the anticipated impact of AI, and their organisations investment plans.
For further information please contact media@hays.com.au 

About Hays

Hays plc (the "Group") is the world’s leading specialist in recruitment and workforce solutions, such as Recruitment Process Outsourcing (RPO) and Managed Service Provider (MSP). The Group is the expert at recruiting qualified, professional, and skilled people worldwide, being the market leader in the UK, Germany, and Australia and one of the market leaders in Continental Europe, Latin America, and Asia. The Group operates across the private and public sectors, dealing in permanent positions, contract roles and temporary assignments. As of 31 December 2024, the Group employed over 10,300 staff operating from 225 offices in 33 countries.


Hays is the most followed recruitment agency on LinkedIn. Follow Hays and join our growing network.

 

 

Get expert advice, insights and the latest recruitment news by following us @HaysAustralia