posted 13th September 2024
The Cybersecurity space, as it stands in 2024, brims with potential. Forbes has dubbed this year as a pivotal one for cybersecurity, thanks in large part to the "momentous" year that was 2023. Rapidly evolving threats posed by the fast-paced advancement of technology, the impact of multiple geopolitical crises, and growing cybersecurity-specific challenges have, for both companies and individuals, made the need for robust defence mechanisms more pressing than ever.
The Rise in Cybercrime
In terms of real numbers, cybercrime has long been reported as experiencing year-on-year increases. Indeed, in the 20 years between 2001 to 2021, the cybercrime victim count rose a mammoth 1517% - a figure that isn't particularly surprising in the broader context of how much the world has shifted towards being 'online' in that period. More recent numbers have only seen further growth, however. In 2022, these figures further rose by 70%, with the UK and USA having disproportionately more victims than other countries globally.
For businesses, these threats pose huge financial and reputational risks. A survey run by Fortinet found that 84% of the organisations surveyed globally had experienced at least one cyber security breach in 2022-2023 (up from 80% the year before) - and almost half (48%) of those breaches cost more than $1 million to remediate (up from 38% the year before). Large companies have reported much higher numbers of breaches and attacks than smaller firms - and certainly major attacks such as the Uber breach in September 2022 or the UK NHS breach in August 2022 are far more widely publicised when the business involved is a household name brand. The UK Department for Science, Innovation and Technology (DIST), in their 2023 cyber security report that 32% of UK businesses overall experienced attacks in the 12 months between 2022 and 2023, with 59% of medium businesses and 69% of large businesses reporting breaches.
There is a concern, however, that smaller businesses are not simply experiencing less breaches, but rather are underreporting breaches. The impact of the current financial climate is such that many smaller firms are simply unable to financially prioritise cyber security in the same way as larger ones.
32% of UK businesses overall experienced cyber attacks in the 12 months between 2022 and 2023
With the continued rise in, and awareness of, the impact of these threats, this may begin to shift. By 2025, it is estimated that 60% of all organisations globally will use cyber security risk as a key factor when engaging with third parties, for instance - crucial when up to 40% of all cyber threats businesses face are estimated to occur indirectly through the supply chain. At present, in 2024, the impact of this increased awareness is most apparent in the way businesses are approaching cybersecurity hiring.
The Impact on Recruitment
Whist the tech recruitment market has seen an overall notable downturn over the past year globally, cybersecurity seems to have bucked that trend, with the demand for cybersecurity professionals surging significantly according to market data sources like VacancySoft. The workforce in cybersecurity witnessed an impressive growth of 8.7% between 2022 and 2023, with North America and Europe experiencing expansions of 11.3% and 7.2% respectively.
The Aerospace and Engineering sectors, in particular, have witnessed significant growth, largely fuelled by geopolitical influences. In fact, Interesting Engineering posited in 2021 that F-35 jets were more likely to be brought down by cyber attacks than they were missiles, thanks to global military organizations relying more and more on advanced computer technology. The Russia-Ukraine war, too, has had a huge impact on the cyber security landscape, with Russian-based phishing attacks reportedly increasing 8-fold since the start of the war and, by 2022, Russian internet users experiencing an 11% quarter-on-quarter increase in security breaches, making it the country with the highest number of breaches users in the world. In the UK alone, cybersecurity vacancies in these sectors are projected to soar by 40.2% year-on-year to help continually respond to and combat the impact of these events.
Not all sectors have seen as much success in the space. Banking, the second-largest tech sector, is poised to face a decline of 26.3% in cybersecurity hiring - not a surprising shift, and a result of broader significant hiring and investing reductions in the sector.
In 2023, the gap between available talent and hiring needs widened by 12.6% compared to the previous year
In the UK, despite the burgeoning demand for cybersecurity professionals, London has seen an overall decrease in cybersecurity vacancies. This is likely at least in part due to the decline in Banking hiring but is also seemingly yet another sign of a growing 'location neutral' market driven by the still-rising demand for remote work.
Nonetheless, businesses globally continue to allocate a significant portion of their security budgets towards staffing and compensation, with cloud-based enterprises leading the charge by dedicating almost half of their security expenditure to personnel.
However, amidst the growing demand for cybersecurity talent, there remains a pressing concern: the cybersecurity skills gap. In 2023, the gap between available talent and hiring needs widened by 12.6% compared to the previous year - an additional 4 million cybersecurity workers would have been needed globally to meet employers' needs. According to a report run by Hays, 90% of leaders believe that this skills shortage has impacted their ability to successfully implement their cybersecurity strategy - a statistic that becomes even more significant, given that 72% of those same surveyed leaders felt that recent geopolitical and global events have had either a major or moderate impact on their organisation's cyber risk.
Whilst these stats may seem concerning to business leaders, the problems only seem to be growing. Forbes' cybersecurity predictions for 2024 posit a further increasing number of threats. The rise in ransomware attacks, the rapidly growing danger of AI-powered cyber threats and the vulnerabilities in IoT devices all underscore a need for heightened vigilance.
So, it is perhaps only natural that cybersecurity hiring continues to grow. By acknowledging the surging demand for talent and proactively addressing the skills gap, businesses can begin to fortify their defences and mitigate the looming threats effectively. The need to invest in staff and adapt quickly to the incredibly fast-paced development of technology has not yet gone, and is unlikely to go away any time soon.