Cyber security talent shortage myths
A whopping 80% of organizations have suffered a breach that they could attribute to a lack of cybersecurity skills and/or awareness, per Fortinet research, so it’s safe to say businesses are well-aware of the importance of filling cybersecurity talent gaps.
To make matters worse, the widespread move to remote work in 2020 has expanded the number of entry points for cyber attacks, resulting in a tenfold increase in ransomware attacks, according to the 2021 Global Threat Landscape Report.
Cyber skills are in demand, but the shortage of cyber talent continues to be an issue, with recent research by the UK Department for Digital, Culture, Media and Sport (DCMS) revealing that one-third of UK businesses have advanced cyber skills gaps, and more than 50% have a basic cyber skills gap where they lack the confidence to carry out even the minimum security tasks laid out in the government-endorsed Cyber Essentials scheme. And with cybersecurity job postings on the rise – increasing 58 percent from 2020 to 2021 – a solution to the skills shortage seems even further out of reach.
However, by dispelling some of the most common myths around the cyber security talent shortage and taking a new approach, organizations can make real headway and recruit the talent they need.
Myth #1: There’s just not enough skilled talent
Current projections put the UK’s cybersecurity recruitment shortfall at around 10,000 people a year. This is based on estimates that the UK should be attracting 17,500 new people each year but is currently only generating 7,500 in new supply, per the DCMS. However, while there is a shortage here in the UK, this doesn’t take into consideration the untapped pool of global cybersecurity talent.
As more and more organizations have become remote-friendly, physical location is no longer the barrier it once was. And with countries like Brazil and India counting 3 million available candidates with a Bachelor’s Degree, recruiting with a wider geographical lens can greatly increase your chances of finding the cyber talent you need.
In fact, in WorkMotion’s Local Talent Index, which ranks the remote employment market in 100 cities worldwide based on access to talent, local salaries and remote working infrastructure, reveals that the top cities for cybersecurity talent aren’t even in Europe. The top three include: 1. Bangalore, 2. Kuala Lumpur, 3. Buenos Aires, with London coming in at fourth.
Expanding your hiring to include global talent, working remotely is a key way to fill the cyber security skills gap.
Myth #2: Cybersecurity talent has to be onsite to be productive
Some business leaders have pushed back on the idea of employing remote cybersecurity talent because they believe remote workers aren’t as productive as onsite ones. However, recent research has shown that working from home is as productive, or more productive, than working in an office, per Owl Labs, with 85% of global businesses agreeing that location flexibility boosts productivity.
A related concern organizations have when it comes to global remote talent is the issue of working from different time zones. But there’s a growing movement towards asynchronous (or ‘async’) work, which refers to employees working and communicating on their own time schedules, without the expectation that employees are online and immediately responsive during the same set hours. Async working enables team members to complete their work and answer colleagues when it’s convenient for them but still within a reasonable timeframe, like 24 hours, for instance.
As well, for many global businesses, people are working on opposite sides of the globe, such that when one person is finishing off their daily tasks, another colleague has just woken up. Async collaboration allows for better coverage and responsiveness – something that’s extremely beneficial for a company operating in different time zones around the world.
Myth #3: It’s too costly and complicated to hire and manage global remote talent
Many companies would like to hire internationally but are worried that the tax, accounting, and labor law requirements will be too big a headache. And these are legitimate concerns, from adjustments to employment contracts that may be needed in order to meet new local labor laws to complying with the different statutory and non-statutory employee benefits and entitlements in various countries.
However, whether it’s international onboarding, contract generation, or local salary calculation, there are technology tools that can enable companies to hire compliantly in hundreds of different countries. Such platforms provide all the information needed, like local probation periods, paid time off and notice period requirements, and more – all without the time and expense of tax and labor lawyers.
Likewise, while ‘workations’ (or temporary work from abroad) are a sought-after benefit that can attract and retain cyber talent, navigating corporate tax liability issues and work permits on a case-by-case basis can be time-consuming and costly. There are also similar HR tech tools that make ‘workations’ much easier to grant and administer compliantly.
Conclusion
The cybersecurity skills shortage is an ongoing problem, but understanding and busting the myths around hiring and managing remote global talent is the key to the solution. Technology has made it possible not just for global enterprises, but for mid-market enterprises and SMEs, to hire team members from anywhere in the world with the click of a button, and manage them from one dashboard, automatically running payroll and staying fully compliant on taxes, national insurance, benefits, and healthcare systems.
Hiring talent from anywhere, and allowing them to work from everywhere, is not just the future of work, it’s the current answer to today’s cyber security talent gaps.
