Europe demanding world’s fastest cybersecurity workforce growth as region’s skills shortfall is forecast at 350,000

The largest-ever global survey of over 19,000 cybersecurity professionals, (3,694 from Europe), conducted by (ISC)2’, reveals that European organisations are planning the fastest rate of cybersecurity hiring in the world, with 38% of hiring managers in the region wanting to grow their workforce by at least 15% in the next year. This is despite the fact that two-thirds of organisations state that they currently have too few cybersecurity workers, as the region faces a projected skills gap of 350,000 workers by 2022.

The report calls for employers to do more to embrace newcomers and a changing workforce, as 92% of hiring managers admit they prioritise previous cybersecurity experience when choosing candidates, and that most recruitment comes from their own professional networks. Hiring managers identified that they are relying on their social and professional networks (48%), followed closely by their organisation’s HR department (47%), as their primary source of recruitment.

The latest report, Benchmarking Workforce Capacity and Response to Cyber Risk, released from the 2017 Global Information Security Workforce Study, the 8th Edition of the Study which has been running since 2004, offers a deep dive into the growing cybersecurity skills gap. It shows that strong recruitment targets, a shortage of talent, and disincentives to invest in training are contributing to the skills shortage with 70% of employers around the globe looking to increase the size of their cybersecurity staff this year.  The demand is set against a broad range of security concerns which continue to develop at pace, with the threat of data exposure clearly identified as today’s top security concern amongst professionals around the world. Concern over data exposure reflects the advent of new regulations aimed at enhancing data protection around the world, including Europe’s General Data Protection Regulation to be in force by May 2018. The Study was conducted by Frost & Sullivan for the Center for Cyber Safety and Education, with the support of (ISC)2, Booz Allen Hamilton and Alta Associates. 

The report describes a revolving door of scarce, highly paid workers amidst a non-existent unemployment rate of just 1% in Europe. Organisations are struggling to retain their staff, with 21% of the global workforce stating they have left their jobs in the past year, and facing high salary costs, with 33% of the workforce in Europe in particular making over $100,000 USD / EUR 95,000 / GBP 78,000 per year.

“The combination of virtually non-existent unemployment, a shortage of workers, the expectation of high salaries, and high staff turnover that only increases among younger generations creates both a disincentive to invest in training and development and a conundrum for prospective employers: how to hire and retain talent in such an environment?” states the report.

Recruitment and professional development strategies must change

Recommends made suggest that organisations adapt their approach to recruitment and draw from a broader pool of talent. This is backed by findings that show workers with non-computing related backgrounds, account for nearly a fifth of the current workforce in Europe and that they hold positions at every level of practice, 63% at manager or above.

It also highlights a mismatch between the skills recruiters are looking for and workers priorities for developing a successful career, suggesting skills sets may not be keeping pace with requirements. Currently, the top two skills workers are prioritising include ‘cloud computing and security’ (60%) and ‘risk assessment and management’ (41%), while employers prioritise looking for communication (66%) and analytical skills (59%). Only 25% and 20 % of workers are prioritising communication and analytical skills respectively. 

Key recommendations include:

  • Looking beyond Social and Professional networks  as the main channel of recruitment. to open doors for new, younger and more diverse talent.
  • Accepting the need to Invest in development and training: More talent is needed to stem the high levels of movement on job markets.
  • Better Communication of current employer requirements: Workers prioritise different skills for their professional development than what employers look for in the workforce
  • Embracing a broader talent pool: Individuals with non-technical backgrounds often rise to become key decision makers, with 30% of Directors, Executive Management and C-suite professionals in Europe beginning in non-technical careers. 

Adrian Davis, Managing Director, EMEA at (ISC)2 said: “There are real structural concerns hampering the development of the job market today that must be addressed. It is particularly concerning that employers appear reluctant to invest in their workforce and are unwilling to hire less-experienced candidates. If we cannot be prepared to develop new talent, we will lose our ability to protect the economy and society.”

Jarad Carleton, Principal Consultant, Frost & Sullivan said: Businesses cannot afford to ignore investing in training and development programmes for their workforces. Those that do so will become much easier potential targets for cyber criminals and risk facing high profile hacks similar to those we have seen in recent weeks. Europe has traditionally been strong at investing in its workforce, and must continue to provide regular training and recruit from non-technical backgrounds to help ease the skills shortage. We predict the skills gap to become much more acute in the coming years if businesses fail to do so.


European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.