Skip to main content

The tech skills gap has huge implications for cybersecurity

(Image credit: Image Credit: Sergey Nivens / Shutterstock)

The government’s Autumn budget signalled a real step change for the tech industry. The move to create a new National Centre for Computing and triple the number of computer science teachers represents significant progress - especially considering recent findings that more than half of England’s secondary schools did not offer GCSE computer science in 2015-16.

Chancellor Phillip Hammond’s words are music to the ears of an industry crying out for change. Shortly before the Budget, at CWJobs we commissioned a wide-reaching survey of tech employers, 94 per cent of whom said the industry is facing a skills shortage.  More worrying still was where they believed the skills shortage was felt most acutely.

Only one in two (51 per cent) workers said that cybersecurity was included in their training; and almost one in four (23 per cent) said they are not confident in handling a cyber security attack. With recent high-profile cyber-attacks including Uber, where 2.7 million UK accounts were affected, and the NHS breach in May that saw 19,500 medical appointments cancelled, the importance of robust cyber security is clear. Or at least it should be …

Skills shortages are widespread

Worryingly, some employees feel inadequately prepared for the demands of technology in several, key areas such as coding, cybersecurity and cloud migration.

When employers do find talented tech talent possessing hard-to-come-by tech skills, they retain them by offering flexible working (60 per cent) and in-house training (50 per cent). Over one-third of tech employers (37 per cent) are offering more training in coding to retrain and upskill employees.

Employers are trying to ‘do their bit’. Over half (55 per cent) said their company has its own training programme for entry-level employees looking to be trained in a new area of their business, and 58 per cent of employers said they are retraining existing staff to address the skills gap.

Underprepared for a cybersecurity attack 

With employee confidence so low, it is perhaps unsurprising only half (50 per cent) of SMEs said their company is prepared for a cyber-attack. Strangely perhaps, only half of employers said they look for cybersecurity skills when recruiting new tech talent. This will surely have to change and the question of why so few tech workers have been trained in cybersecurity is no moot point.

Our research found that 65 per cent of employers thought the government had not invested enough in training the next generation.  Beyond the recent budget however, the government has taken steps to address the problem of a skills shortage. In 2016, for example, they launched the National Cyber Security Strategy – part of which incorporates a plan to make sure there is a constant supply of home-grown cybersecurity talent.

However, it wasn’t government, but universities, that 75 per cent of employers said were “primarily responsible” for ensuring tech candidates possessed the right skills. And that’s important because over 80 per cent of tech companies said they are currently struggling to fill cybersecurity roles, with 30 per cent believing this is due to an industry skills gap.

Education, education, education

While A-level grades marginally improved in 2017, there are still systemic issues when it comes to cybersecurity. Simply put: the pipeline of potential STEM talent isn’t strong enough, and there’s a lack of young people entering the cybersecurity profession. So how can businesses address the skills gap?

Organisations might want to look at ways to innovate the recruitment process in a bid to source the skills that they can’t currently find.

Gamification is a good place to start. Just look at GCHQ’s codebreaking masterclass, which enabled candidates of all ages, ethnicities and genders to show their true potential when it comes to cracking code – no degree necessary. By having a gamified entry mechanic, GCHQ levelled the playing field for all applicants, and ensured that the recruitment process was inclusive to prospective candidates from all backgrounds.

Not only did it enable GCHQ to see how well potential candidates would fare on the job, it gave them access to a larger pool of raw talent. In turn, this results in a greater diversity of skills – an essential asset for any business looking to contend with a threat landscape that evolves by the minute.


Another route to bridging the cybersecurity skills gap is for businesses to offer apprenticeship schemes for young people looking to get into the industry.

A cybersecurity apprenticeship scheme involves the hiring of fresh talent after having completed their GCSEs or A-levels. Apprentices can work, develop new skills on the job, while learning and earning at the same time.

This way, apprentices can study for the certifications they require, with businesses also getting the exact cybersecurity skills they need to protect their organisation from threats. What’s more, apprentices don’t have to attend university or college to do apprenticeships, often they can often do their training through online portals.

Taking on apprentices is the perfect way for businesses to nurture a robust cybersecurity team that is fit for purpose and has the technical and practical know-how to fend off cyberthreats.

Beyond cybersecurity 

If a lack of cybersecurity training poses inherent risks to the tech industry, it is not the most absent skill in workers according to employers. That award goes to coding. Almost half (44 per cent) of employers said coding faced the biggest skills gap, while 60 per cent of employers said coding will be one of the most important skills for entry-level employees.

The recent Computer Science Education Week (CSEd Week) December 4 - 10 shows what is being done in America. The initiative is looking to boost computer science skills and links to, a resource dedicated to coding. The website states that 25 per cent of US students have accounts on and that 10 million of its users are female, helping to address the shortage of women in STEM careers. It would be beneficial for a similar scheme to be rolled out in the UK.

While there is clearly much to be done, the Government’s Budget and a recognition by the industry that a skill’s shortage exists, represent positive steps in tackling the problems ahead.

Dominic Harvey, Director at CWJobs
Image Credit: Sergey Nivens / Shutterstock

Dominic Harvey has over 20 years’ experience of the Tech recruitment industry, starting out as an IT recruitment consultant and is now Sales Director of CWJobs, the UKs leading Tech job board.