The
2024 Global Cyber Security Report, recently published by Hays - the world’s specialist leader in workforce solutions and recruitment, sheds light on the critical challenges facing organisations as they compete for talent in a skill short market. Despite this, most organisations are neglecting essential training investments required to nurture talent. Additionally, they perceive artificial intelligence (AI) as both a threat and an opportunity.
The risks to organisations are increasing as technology continues to advance at an unprecedented rate. Cybercrime is one of the greatest risks facing organisations worldwide, as it is estimated cyberattacks will cost the world $9.5 trillion in 2024.
Organisation are struggling to attract and retain crucial talent
More than half of respondents (61%) are struggling to attract the right talent, which is due to the shortage of available skilled workers in today’s talent pool. Over half (61%) of those who stated they are struggling to attract and retain talent, said that a lack of skilled candidates is a major factor.
As demand continues to outstrip supply, cyber security professionals can command salaries which many employers cannot meet. In 2023 almost half of employers (44%) froze salaries for existing or new members of their security workforce, while just 17% of respondents were able to offer a pay rise above 10%. In response to these challenges, employers are looking beyond salary increases to attract cyber talent. Remote and hybrid working opportunities, as well as greater flexibility, are becoming increasingly important.
Organisations are failing to invest in necessary training and development programmes
As experienced cyber security experts come at a premium, the development of non-traditional talent, through the recruitment or reskilling of talent with transferable skills, is essential for organisations. However, the report reveals 62% of respondents think their employer doesn’t currently have an in-house talent development programme to grow their cyber security workforce. The report reveals that 73% of organisations invest 5% or less of their cyber security budget into talent development.
Headcount and investment remain a critical issue
Over half of respondents reported their cyber security teams grew in 2023, however, investment in headcount remains to be a main area of concern for cyber security leaders.
The report reveals that majority cyber security leaders are more concerned about their budgets than 12 months ago, 72% in 2024, up from 68% last year. This is despite 54% of this year’s respondents expecting an increase in their spending allocation, which is up from 46% in 2023.
The report findings highlight that many cyber security leaders see AI as a risk, as well as a potential solution. Nearly nine out of ten (89%) are concerned about the potential risks of AI threats. This compares with 89% who believe that AI will prove useful in improving security capabilities.
James Milligan, Global Head of Technology Solutions at Hays, said, “In order tackle cybercrime, organisations need to make the most of technology and attract and retain talent with the right skills. There are an estimated 3.5 million cyber security vacancies worldwide, however, there is an insufficient number of experienced workers, and cyber security professionals are struggling to keep their skills up to date.”
“The report highlights that while there are plenty of consumers of talent, there are not enough creators. A pipeline of cyber security talent needs to be developed to solve tomorrow’s challenges. Organisations need to develop training strategies to ensure sustainable success and consider non-traditional cyber talent, such as individuals without formal education or experience. Employers also cited training opportunities as one of the best measures to attract talent and retain staff, alongside offering flexibility and remote working opportunities. These need to be taken into consideration when devising attraction and retention strategies.”