DCMS report: Cyber security skills in the UK labour market 2020

The Department for Digital, Culture, Media and Sport has released a report entitled ‘Cyber security skills in the UK labour market 2020’ detailing the UK cyber security skills shortfall, both in terms of people and available roles across the sector.

The research has been conducted and compiled by Ipsos MORI, in association with Perspective Economics and Professor Steven Furnell from the University of Plymouth.

The report documents four key lessons learned from the research which are:

  1. Skills gaps and shortages continue to effect a large number of organisations with more investment needed in technical skills and training, both within the cyber sector and wider economy;
  2. Schools, universities and training providers need to give students a holistic skillset, covering the relevant technical skills and soft skills that employers demand, making them more effective in business contexts;
  3. The cyber security labour market is challenging to navigate, with further guidance on career pathways, qualifications and training vital as efforts to improve are made;
  4. Many employers could benefit from broadening their recruitment practices, to employ more career starters, apprentices, graduates, people transitioning from other sectors or roles outside cyber security, and those from diverse groups.

The report usefully documents the scale of the problems in various areas, including the number of roles that organisations struggle to fill, the number of individuals needed with relevant skills, as well as presenting data around diversity, recruitment and barriers to entering the sector. Key statistics included in the report include:

  • Approximately 653,000 businesses (48%) have a basic skills gap. That is, the people in charge of cyber security in those businesses lack the confidence to carry out the kinds of basic tasks laid out in the government-endorsed Cyber Essentials scheme. Approximately 408,000 businesses (30%) have more advanced skills gaps, in areas such as penetration testing, forensic analysis and security architecture;
  • Two-thirds (64%) of cyber firms have faced problems with technical cyber security skills gaps, either among existing staff or among job applicants. A quarter (25%) say that such skills gaps have prevented them to a great extent from achieving business goals;
  • Around 7 in 10 cyber sector businesses (68%) have tried to recruit someone in a cyber role within the last 3 years. These employers reported a third (35%) of their vacancies as being hard to fill;
  • Fifteen per cent of the workforce are female, sixteen per cent come from ethnic minority and nine per cent are neurodivergent.

The full report can be accessed here.

Dan Patefield, Head of Programme, Cyber and National Security, techUK said:

‘This DCMS report details the skills shortages and gaps that the UK cyber security sector which if not dealt with will continue to threaten the cyber resilience of organisations across the UK. techUK welcomes Governments efforts in better understanding these shortfalls, which will help inform Government and industry solutions to bridge the skills gap across the UK.’