However, this new technology also opens up more vulnerabilities to potential cyber threats. According to Deloitte, 40% of professionals believe the greatest cyber security challenge their organisation faces is managing increasing amounts of data and connected devices. As a result, businesses need to be able to capitalise on the promise of the Internet of Things (IoT) without exposing themselves to dangers.
However, UK businesses are struggling to do this, due to the crippling cyber security skills shortage. This is according to our Industry Insiders report, which examines how the growth of IoT is impacting the cyber security jobs market.
Increased demand for cyber security skills
Our research shows that there were 13,214 cyber security roles advertised in Q4 2018 – up 10% year-on-year and 16.6% from the previous quarter. Average permanent salaries for cyber security specialists dipped 2% year-on-year to £58,557; yet the picture was much better for contractors, with average day rates climbing 19.6% from the previous year, to an average of £505. This suggests that businesses are prioritising short term fixes via contractors, over long-term solutions to their talent needs.
Demand for IoT talent set to soar
IoT is currently a much smaller jobs market, but demand for these roles rose 48.8% to 4,968 in Q4 2018 – up from 3,338 in the previous quarter. Both permanent salaries and contractor day rates increased year-on-year as well, by 1.5% and 4% respectively. The demand for IoT technology skills is building, and could be set to soar, as business demand for these technologies grows over the next few years. With the cyber security talent pool already stretched, businesses will need to explore creative solutions to attracting both skillsets, if they are to harness the power of IoT technology securely.
Job roles most needed
When it comes to the type of roles required, an analysis of job titles reveals that it is front line workers that are most in demand. In cyber security, there are more open vacancies for security engineers, consultants, architects and analysts than any other position. For IoT-related job postings, software engineers, technical architects, managers and testers are most sought after. This highlights how much emphasis is being put on actually being able to build and analyse, in both areas of technology.
For employers looking to be ready to adopt IoT technologies and ensure that they have the right blend of skills in their business, here are five tips to consider:
Whether it’s implementing IoT technologies or shoring up security, it’s imperative that organisations move quickly and decisively to get the skills they need in place. Hackers will exploit loopholes in the blink of an eye, while the market will leave dilatory businesses behind. It’s an unenviable position to be in, but having a flexible approach to acquiring the skills required will help organisations reach their desired state, faster.
Building teams with a mix of contractors and permanent staff will ensure businesses get the continuity they need long term, with the injection of experience and skills required immediately. The gig economy may be a relatively new term, but in IT contracting, it has a long tradition. Organisations would be foolish to miss out on an efficient way of accessing talent quickly, if they ensure they are IR35 compliant. They can also use contractors to ‘build’ talent, by mentoring, upskilling and cross-skilling permanent members of staff who are less knowledgeable in this area.
Internal development has long been a more cost-effective way of adding new skills than bringing in external candidates. While new staff are important to ensure teams do not become stagnant, the rate of change in cyber security and IoT makes it vital that teams have access to continual training opportunities to keep them up to date.
To expand their pool of candidates, organisations should consider remote workers, both for contract and permanent roles. Our research found that, unsurprisingly, salaries and day rates for both cyber security and IoT professionals were generally lower in the rest of the UK than in London. In the latter, the gap was £9,000, while in cyber security, that difference rose to almost £15,000. For organisations needing to upskill, considering off site and remote workers could represent a more economical way of acquiring talent without sacrificing quality.
Despite the obvious threats of cyber security, in some organisations it could be argued that there is a lack of understanding of the severity of what they could potentially face. While it is imperative that budgets are set and processes followed, senior management teams need to delegate the delivery of specialist functions, such as cyber security, to those with the knowledge and expertise to do so. Having invested significantly in these leadership roles, CISOs and their peers must be given the support and space to deliver businesses’ security strategy.
IoT offers huge opportunities for organisations – but only if they have the right cyber security foundations in place to take advantage of new innovations safely. By hiring the right talent, businesses will be better placed to fully protect their operations from malicious attacks. To do that, they need to have a broad perspective on how, who and which skills to hire, and how they can develop their existing staff to meet their current and future demands. By taking a blended approach to talent acquisition – tapping into the contractor market to build a hybrid team of permanent and temporary workers – organisations will be able to better protect themselves against cyber threats without hampering their IoT potential.