Free cookie consent management tool by TermsFeed Policy Generator How companies are dealing with the cybersecurity skills gap | Hamlyn Williams
How companies are dealing with the cybersecurity skills gap
  • Cyber Security
  • May 12 2023

Is There Still a Cyber Security Skills Shortage?

In the current business climate, companies continue to look for ways to save money whilst still delivering a safe, quality product or service to customers. As part of this cost-saving exercise, there has been some evidence of a reduction in cyber roles on the market; but the reality is different from what the data shows? released a report in March that states that cyber roles had dropped by almost a third year on year- but despite this, cyber skills are the most sought-after that companies want to hire for.

While there are many factors that have led to the reduction in live jobs reported by Indeed, training is likely to be one of the key contributors. There has been a slow shift towards training internal staff rather than hiring from outside. Bill Reynolds, Research Director at Foote Partners, a workforce research firm, notes that companies ideally want to both hire and train cybersecurity professionals. However, due to the shortage of skilled workers, training has taken precedence for certain roles, which has had both positive and negative effects on the workforce.


"Many people have underestimated the training time, cost, and complexity within cyber, which has led to few high-quality internship opportunities or graduate programs that are able to build upon foundational knowledge. Whilst larger institutions are beginning to implement security training programs for junior staff, this needs to be more heavily invested in. The training has been mostly outsourced to boot camps, so it is not tailored to the specific organization and, therefore, not as practical as it could be."

Ross Gisondi - Senior Search Partner - Information Security and Technology - Hamlyn Williams


The correct training programs that hire the right people can present a longer-term solution to the skills gap. While it will likely always be essential to hire specific skillsets, by aggressively investing in training your workforce now, companies will be in a far better position to respond to future skill shortages in cyber. Fortinet research states that 82% of leaders indicate their organization would benefit from cybersecurity certifications, and 90% indicate they would pay for an employee to obtain a cybersecurity certification. However, the current reality is that these certifications are rarely provided to junior-level employees.


"One of the most important realizations businesses need to have is that training graduates or junior employees will never be a cost-saving measure. The training schemes and certifications that are highly regarded, such as SANS, can cost anywhere from $8,000 to $12,000 per training or certification. Entry-level talent simply cannot afford to fund these personally and will struggle immensely to secure an entry-level role where they can receive sponsorship for achieving the certifications.
As a result, despite the high demand for skills and the significant risks on the horizon for companies, obtaining an entry-level cyber internship or job right out of school is extremely competitive. For many individuals, the path to entering the cyber workforce is not a linear progression from graduation but rather involves exploring various avenues such as military, law enforcement, general IT, or engineering."

Ross Gisondi - Senior Search Partner - Information Security and Technology - Hamlyn Williams


The need for cyber skills shows no sign of dwindling, and this is being reflected within technology leadership. Training firm Pluralsight reports that 59% of technology leaders rank cybersecurity as one of the top three training topics, surpassing data science and cloud skills. To find evidence of why, we don’t need to look far. Fortinet research discovered that 84% of companies surveyed have suffered a cyber breach in the past 12 months, with 48% of them experiencing a breach that cost them more than $1 million to remediate, up from 28% in 2021.

In simple terms, attacks are becoming more frequent and more expensive, leading insurance companies to develop complex and specific security requirements for their policyholders.

Given this dramatic and costly increase, it may be surprising that Indeed is reporting a reduction in roles. However, this does not reflect the aggressive hiring of senior positions within the cybersecurity field. One thing we can confirm is that experienced cyber professionals are in high demand, and certain skill combinations, such as container management and cybersecurity, or a proven track record in cloud security, are particularly sought after.


"The reason cloud security talent is currently in high demand is that companies underwent large-scale cloud transformations without conducting proper risk or security assessments. As a result, they are now required to add security measures after the fact due to Federal Liability concerns regarding the security of their products and services. The same situation applies to the development pipeline, as companies have had to backtrack and integrate security into the Software Development Life Cycle (SDLC) due to pressure from regulators and insurance providers."

Jacob Voeller - Cyber Security Consultant - Hamlyn Williams


One important factor that can both help and hinder security is the rapid progress we've seen in AI. On the one hand, intelligent malware, automated vulnerability discovery, and ML-enhanced attacks pose a greater threat. But on the other hand, AI can be a valuable tool for defense.

While AI will be able to contribute heavily to the automation of threat intelligence and detection, one of the key benefits to cyber staffing is the removal of admin-heavy jobs that are currently a major burden to skilled operatives.


"AI is going to have a positive impact on the cybersecurity landscape. It is necessary and will play a significant role in addressing the talent shortage. It's important to note that AI is not meant to replace human jobs, but rather to fill gaps and allow humans to dedicate more time to higher-impact tasks that require critical thinking."

Ross Gisondi - Senior Search Partner - Information Security and Technology - Hamlyn Williams


Despite developers and engineers seeking to transition into cybersecurity to enhance their earnings and advance their careers, along with companies increasing their investments and AI assisting in reducing administrative burdens, the demand for cybersecurity skills is expected to continue growing at a much faster rate than the supply of skilled professionals entering the market.

That's why we strongly recommend making cybersecurity hiring a crucial aspect of the early planning stages of any major transformation project. By consulting with our specialists, we can help you gain a better understanding of the required skills for your project's launch and ensure that you have them in place at the perfect time.

If you have a specific mandate you would like our team to evaluate or if you are a cybersecurity professional seeking advice on your next role, please feel free to contact our team at +1 (646) 349 2712 or visit our contact page.

About the author
Sam Roberts
More blogs
Back to Insights
Similar insights
Top Cyber Security Trends: 2024
Discover more
White House Publishes Implementation Plan for The US National Cybersecurity Strategy
Discover more
We asked an AI chatbot for cyber security career advice and the results were.. unnerving.
Discover more
Building a high performing team: lessons learned from technology recruitment
Discover more
Victoria Doig joins as global Operations Director
Discover more
A website to match our global ambition
Discover more
A world free from bias and discrimination: download our International Women's Day whitepaper
Discover more
American Buisness Women's Day 2021 - Cyber Security Focus
Discover more
Increasing Importance of Industrial Cyber Security
Discover more
The rise of cyber crime
Discover more