IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Half of UK businesses suffer from a basic cyber security skills gap

Government report suggests skills in areas such as configuring firewalls and removing malware are sorely lacking

Digital skills

Hundreds of thousands of UK businesses do not have basic and advanced cyber security skills within their teams, with an alarming 48% of companies hiring individuals without confidence in their abilities to execute basic tasks.

Setting up configured firewalls, storing or transferring personal data, and detecting and removing malware, are among the most common skills lacking in approximately 653,000 businesses. 

This is in addition to 30% of businesses, or approximately 408,000, which lack advanced skills, according to an extensive government report. These more advanced areas include penetration testing, forensic analysis and security architecture. 

A quarter of businesses, 27%, meanwhile have a skills gap when it comes to incident response, and do not outsource this crucial aspect of security. 

To illustrate how widespread the UK skills crisis is, 64% of cyber security firms have faced problems with a technical skills gap, either among existing staff or among job applicants for vacant positions. 

These include areas such as threat assessment, cyber security research, and implementing secure systems. This has had a measured impact, with a quarter suggesting this has, to a great extent, prevented them from achieving goals. 

It’s compounded by the fact that 29% of firms suggesting that job applicants lack non-technical skills such as communication, leadership management skills.

The research, carried out on behalf of the Department for Digital, Culture, Media and Sport (DMCS), explores the nature and the extent of the cyber security skills gap, as well as the skills shortage, throughout 2019. These include people in security roles who lack the appropriate skills, as well as the lack of people available to work in cyber security roles, respectively

Despite the alarming nature of the findings, the skills gap is narrower compared against a similar study conducted in 2018, with the basic technical skills gap falling from 54% of businesses lacking these skills a years ago.

This is in addition to a higher proportion of businesses carrying out formal analysis of their cyber security training needs, from 14% and 22%. Similarly, more businesses now consider it essential to have incident response skills, moving from 17% to 23%.

In terms of recruitment, a third of cyber security companies which have tried to fill roles within the last three years have reported these positions are hard to fill. In 43% of cases, it’s because applicants lacked technical skills or knowledge, while in half of cases, employers found it difficult to fill holistic and general cyber roles.

“Skills gaps and skills shortages continue to affect a large number of organisations. There needs to be more investment in technical skills and training, within the cyber sector and the wider economy,” the report concluded. 

“Schools, universities and training providers need to give young people and training recipients a holistic skillset, covering the relevant technical skills and soft skills that employers demand, and the ability to implement those skills in a business context.”

The labour market, meanwhile, is challenging to navigate, with employers, recruitment agencies and job applicants potentially benefitting from further guidance on career pathways, qualifications and training. Employers, meanwhile, could also benefit from broadening their recruitment practices to hire more new starters, apprentices and graduates, as well as people transitioning from sectors outside cyber security.

The report has recommended that the government more effectively joins up programmes on cyber security skills, with employers given more clarity over how different initiatives relate to one another, and how they fit into a broad career pathway.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Australia pledges $5 million to create tech skills passport
Careers & training

Australia pledges $5 million to create tech skills passport

11 May 2022
The best SQL courses of 2022
SQL

The best SQL courses of 2022

11 Mar 2022
7 UX skills every designer should have
user experience (UX)

7 UX skills every designer should have

10 Feb 2022
Ihre Mitarbeiter – Ihre Wichtigste Ressource
elearning

Ihre Mitarbeiter – Ihre Wichtigste Ressource

3 Dec 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022