After a period of rapid acceleration, the tech industry – like many other industries globally – is now faced with an increasingly dire economic climate. A flood of redundancies at companies like Meta, Twitter and Amazon shines a light on the hard decisions currently being made amid economic downturn. While the UK’s tech sector has suffered far less than other regions, employees are still looking for ways to safeguard their roles.
At the same time, many tech companies lack the cybersecurity talent needed to protect their organization from increasingly sophisticated cyber threats. In fact, the number of UK organizations reporting a problematic skills shortage has more than doubled from 23% to 51% over the past decade. And without adequate security personnel, tech companies will have less resources to focus on much-needed innovation that will see them through a recession.
So, how can the UK’s tech sector focus on closing its cybersecurity skills gap, despite being asked to do more with less in an increasingly challenging economic climate?
Strengthening Cybersecurity Skills with L&D
Research shows that nearly a quarter (24%) of HR leaders within British tech companies believe cybersecurity is the digital skill most lacking within their organization. Encouragingly, most (88%) companies plan to spend more than £25,000 in the next 12 months to fill crucial roles, with cybersecurity top of the priority list. However, the dual crisis of recession and a widening skills gap is not one that companies can hire their way out of.
While nearly 90% of companies will increase spending on tech-focused learning and development (L&D) over the next 12 months due to the threat of recession, our research shows that L&D spending is not aligned with the skills most lacking. In fact, despite UK tech companies lacking cybersecurity skills around software architecture, artificial intelligence (AI) and machine learning (ML), a limited number of organizations are willing to spend more than £10,000 on recruitment and L&D combined to bolster security talent specifically.
Additionally, while many tech companies are willing to pay large salaries to recruit new security talent – with the average UK cybersecurity salary around £63,500 – investment in upskilling current employees remains low. In fact, over the next year, the technology sector will spend an average of £33,676 on recruitment compared to just £31,651 on L&D. These findings are particularly worrying when you consider that companies need to be on the front foot of innovation to remain competitive while protecting themselves from heightened cybersecurity threats.
Looking Ahead
More than a third of Europe’s largest tech companies are currently based in London and the UK remains a beacon of technological innovation. Yet, our research suggests that tech companies across the UK lack the technological skills they need to thrive and remain safe in the challenging months ahead.
With DCMS’ UK Data Skills Gap report highlighting that the supply of university graduates with specialist technological skills is limited, companies must accept they have a larger role to play to increase digital skills internally rather than simply looking outside for ready-made talent. Business leaders must put adequate investment and support behind the upskilling of current employees to bolster cybersecurity talent and drive innovation.
At the same time, employees should prioritize cybersecurity-related L&D to make themselves an invaluable asset to their organization – proactively identifying training opportunities with a quality L&D partner, one that aligns with their unique learning style and objectives. While there is no cookie-cutter approach to upskilling, employees should be granted access to a range of learning opportunities as part of a defined path of individual development and wider organizational culture of personal development.
With turbulent times ahead, tech employers and employees must work together to create a highly skilled workforce. This will be vital to spurring innovation while remaining protected from sophisticated cyber threats.