Secure Ventures: Cyber Security Skills in the UK Labour Market 2024 & VC Developments
Warren Atkinson
Cyber Community Connector | Podcast Host | Head of Information & Cyber Security Recruitment | ECS & GTM Team Builder
The UK's Cyber Security Labour Market: A Growing Gap and a Path Forward
As we move into 2024, the UK’s cyber security sector faces mounting challenges and emerging opportunities. Research from the Department for Science, Innovation and Technology Department for Science, Innovation and Technology (DSIT) has brought new insight into the current state of the cyber security labour market. From skills shortages and recruitment issues to the impact of artificial intelligence (AI) and venture capital (VC) investment in start-ups, this article explores the key findings and trends shaping the future of cyber security in the UK.
Skills Gaps: A Persistent Problem
One of the most concerning findings from the DSIT Report is the significant skills gap that continues to plague UK businesses. Approximately 44% of businesses report shortages in basic technical cyber security skills, such as identifying cyber threats and implementing the basic measures outlined in the government’s Cyber Essentials framework. This means over 637,000 businesses are struggling to perform essential cyber security tasks without external assistance.
More concerning is the rise in skills gaps related to incident management, which has grown from 27% in 2020 to 48% in 2024, highlighting a critical vulnerability for many businesses as cyber attacks become more sophisticated. Advanced skills shortages—covering areas like penetration testing, cryptography, and threat intelligence—affect 27% of businesses, particularly those with more complex cyber security needs. This shortage directly impacts organisations’ ability to fend off cyber threats effectively, leaving critical gaps in security.
Recruitment Challenges in the Cyber Security Industry
The recruitment of skilled cyber security professionals remains a major challenge. While demand for cyber security professionals has decreased slightly due to macroeconomic factors and tech industry layoffs, employment in the cyber security workforce has actually grown by 5% over the past year, indicating sustained demand for skilled workers.
However, job postings for core cyber security roles dropped by 32% between 2022 and 2023, reflecting a tightening market where companies are reluctant to advertise positions they may struggle to fill. Other roles requiring cyber security skills saw an even steeper decline of 39%, yet the estimated annual shortfall of 3,500 professionals persists. While this is an improvement from last year’s shortfall of 11,200, the unmet demand from previous years continues to accumulate.
Recruitment is particularly difficult for positions requiring 3-5 years of experience, which account for 61% of job postings. However, the proportion of businesses struggling to recruit due to a lack of work experience in candidates has decreased from 35% in 2021 to 16% in 2024, suggesting that new entrants to the workforce are becoming better prepared for entry-level roles.
Diversity Remains a Key Challenge
Diversity in the UK cyber security sector remains low, with only modest improvements in recent years. According to the DSIT report, women make up just 17% of the sector’s workforce, and only 12% of senior roles are held by women. Similarly, people from ethnic minority backgrounds represent 15% of the cyber workforce, with just 9% in senior roles. These figures demonstrate that the sector is still struggling to attract and retain diverse talent.
Neurodivergent individuals make up 13% of the workforce, yet only 8% hold senior positions. Similarly, disabled workers represent 6% of the cyber workforce, with only 4% occupying senior roles. Despite increased awareness of the need for diversity, these figures reflect that much work remains to be done to make the sector more inclusive and accessible to underrepresented groups.
The Rise of AI and Automation in Cyber Security
AI is expected to have a transformative impact on the cyber security industry in the coming years. According to the DSIT research, AI could lead to the automation of routine cyber security tasks, potentially reducing the need for certain roles but increasing demand for new skills tailored to managing AI-driven cyber security systems. Four key potential changes were identified in the report: increasing automation, the need for AI expertise, the development of "AI-cyber" roles, and deep specialisation in areas such as machine learning security.
While there is uncertainty about the extent of AI’s impact, it is clear that the cyber security skills landscape is set to shift, requiring a new wave of professionals who are both cyber-literate and capable of understanding, managing, and deploying AI systems.
Venture Capital and Startups: Driving Innovation in Cyber Security
Amid the challenges, there is significant momentum in cyber security start-ups, particularly with VC backing, fueling innovation in this space. Notable examples from 2023 include Nudge Security, a startup leveraging patented application discovery to help businesses manage SaaS and AI applications at scale. This firm facilitates more effective governance policies and risk management by alerting security teams to unsafe applications. Such innovations have been essential in reducing operational costs, mitigating data exposure risks, and enabling regulatory compliance.
In another significant move, JP Morgan extended £500 million in debt financing to UK-based LendInvest, raising their total to £1.5 billion. The partnership is a sign of growing confidence in the fintech space, where cyber security is a critical component of operational resilience. The broader market for cyber security investments remains strong, with innovative companies securing substantial backing to expand their product offerings and address market gaps.
For example, AtoB, a US transportation paytech firm, raised $130 million in equity and debt to support product and team expansion, demonstrating the cross-sector demand for secure payment solutions. Meanwhile, Australian debt collection fintech InDebted secured $41 million in Series C funding, showing the strong investor appetite for companies tackling financial risk and security issues.
Addressing the Workforce Shortfall: The Path Forward
Despite the challenges in recruitment, there are positive trends emerging. The number of students enrolled in cyber security courses has increased by 14%, and graduates in these programmes have risen by 34%, providing a steady stream of fresh talent into the workforce. Furthermore, new cyber security apprenticeships in England grew by 18%, indicating a growing pipeline of qualified professionals entering the sector.
领英推荐
However, with an estimated annual need for 11,600 new cyber security professionals and a current annual shortfall of 3,500 workers, the industry must continue to expand its talent pipeline. Addressing diversity issues, expanding training initiatives, and adapting to emerging technologies like AI will be key to closing this gap.
Looking Ahead
The UK’s cyber security sector stands at a crossroads. Skills shortages, diversity challenges, and the disruptive potential of AI are shaping the future of the industry. At the same time, venture capital and innovation are driving forward new solutions to address these challenges. To secure a resilient future, businesses must invest in upskilling their teams, embrace diversity, and harness the power of AI responsibly. While the path ahead is complex, the opportunities for growth and innovation are immense.
Stay Ahead of the Curve Businesses that take proactive steps to address the cyber skills gap, diversify their workforce, and invest in new technologies will be best positioned to succeed in an increasingly digital and interconnected world.
Join Our Community!
Elevate your Cyber Security communication skills and connect with fellow leaders in the field. Join our community to access valuable resources, share insights, and develop your expertise. Together, we can navigate the complexities of Cyber Security and drive our organisations toward success! Sign up today and take your skills to the next level.
The?SECURE | CYBERCONNECT?Podcast?is?Launching Soon!
At SECURE | CYBER CONNECT, we're committed to empowering organisations and individuals through strategic introductions and cross-sector collaboration. Our community champions a diverse and inclusive approach to knowledge sharing and innovation in Cyber Security.
SECURE | CYBER CONNECT Podcast, hosted by Justin (Jay) Adamson & Warren Atkinson, this community-led podcast will feature exclusive insights from leading experts in InfoSec, technology, and talent acquisition, spanning VC, PE, start-ups, and enterprise sectors. Tune in for cutting-edge discussions, diverse viewpoints, and valuable industry connection.
Subscribe Here: https://www.youtube.com/@securecyberconnectcommunity
For expert guidance and support to advance your Cyber Security strategy, connect with us.
Join Our Weekly Online Networking Events:
Our Free Weekly Online Networking Session has helped over 1,500 Individuals Connect & Expand their Networks. Curious about how it can benefit you? Join Us this coming Friday!
Join the SECURE | CYBER CONNECT Community:
For?Sustained?Engagement beyond our Friday Sessions, Please Sign Up & Join Our Community to connect with SMEs, Special Interest Groups & Cyber Clusters.
For Further Value, Please See Our Other Newsletters:
Stay Informed & Secure with our Latest Insights & Updates. Subscribe to?Our Newsletter for more valuable information from our colleagues across the business:
Subscribe on LinkedIn: https://www.dhirubhai.net/newsletters/secure-cyber-connect-7210953272369573890/