Despite a gloomy 2020, the market for cyber and information security consulting has arguably grown in the face of the global COVID-19 pandemic.
The rise of home working and people working on their own devices or on unsecured networks has only provided more ammunition for the macabre and sinister hackers and cyber criminals out there.
We have also seen a sharp rise in cyber-attacks, with a growing number of organisations of all shapes and sizes reporting dramatic increases in ransomware and malware incidents. In some cases, this has been reported as being up to 80% more likely than in previous years; a worrying statistic indeed.
So why the ticking bomb headline I hear you say? One very real and pressing issue for the cyber community remains a little more hidden however. There is still a yawning chasm between the number and quality of seasoned practitioners plying their trade in the industry and those graduates and early talent practitioners making their way in the field.
As more and more cyber professionals remain in-demand and the appetite for their services shows no sign of abating, they find themselves also making choices around their projects and capacity based on the pending IR35 legislation to further complicate matters.
Equally, the truth is that an estimated 85% of such veterans are white often middle aged at best and are rapidly heading towards semi or full retirement. So who picks up their mantle as we lose them from the workforce or contract labour market? Additionally, how do we ensure their knowledge filters down to less experienced colleagues? This is hard in a results and project led contract labour market which is still one of the highest across the tech landscape.
It has long been said that there is a lack of diversity within the field, and the truth is, that not only is this correct, but there has been little done to narrow such a bottleneck.
Recently, we have seen some attempts by the government to encourage people to consider a career in the cyber field, but, as much as this is the right thing to do, some of the messages have grated and not exactly hit the mark.
Indeed there have been some severe own goals during the pandemic as those in more creative and arts based professions have been encouraged to explore opportunities in the cyber sector. We would contend that a missing ingredient here is a thorough appraisal of people’s personality and behavioural traits to look at how well they map against top performers in the cyber market.
At talent:ed we would contend that all individuals are disposed to a certain type of career given their inherent personality traits, cognitive ability and motivation. To merely shepherd an individual towards an area due to a lack of supply to match demand is a little myopic.
We have a track record of developing longer term early talent strategies to provide sustainable talent pipelines for niche and in-demand skillsets. We also have experience in working with a wide range of global organisations to reinforce their cyber strategy and stay ahead of the bad guys.
In order to build some diversity in the market, as well as futureproofing against the ticking time bomb that we have highlighted, there needs to be a conjoined strategy at organisational, cluster and industry level. Early talent initiatives fused with training post qualification and some mentoring and knowledge transfer will allow the market to grow in line with demand estimates, however time is running out to plug this gap.
As mentioned above, IR35 is a real issue for practitioners but also an opportunity if seen correctly. We are working with some savvy high-quality individuals to provide their services via a different mechanism, on-demand or as a portfolio service. The days of strictly day rate contracting are on the wane, although organisations are typically also unwilling to increase their headcount to support Permanent demand.
The market will flux and flex as the IR35 agenda plays out with winners and losers but in a market traditionally driven by not just supply and demand, but by performance and payment, things need to change to support a continued healthy ecosystem and the nurturing of a more inclusive, diverse and youthful talent pool.
It’s not just someone else’s problem or remit. Working collaboratively to build talent, promote learning and sharing knowledge will keep the ecosystem thriving for a long time as the demand remains strong and exponential in growth.
Why not check out our LINKEDIN GROUP for talent:ed individuals to share knowledge, advice and opportunities or www.talentedconsultancy.co.uk/talented-network
Source
https://www.ncsc.gov.uk/report/diversity-and-inclusion-in-cyber-security-report