Andy Hague


Do you really need to hire cybersecurity staff?

The cybersecurity skills gap is a problem that needs addressing. According to the Center for Cyber Safety and Education, there will be 1.8 million unfilled cybersecurity positions by 2022, up 20% from 2015. While classrooms and self-taught security experts will help to occupy some of these roles going forward, there is likely to remain a gap in the market that will need to be filled.

Or will it?

The skills gap has arisen in part as a result of business’ demand for more robust security skills on staff. It seems an almost weekly occurrence that a company has suffered a huge breach and lost potentially millions of users’ data. In fact, since 2013, close to 4 million personal records have been stolen every day, so the sense of urgency is understandable.

Among other things, these security breaches have been partly exacerbated by the surge in volume of connected devices we’ve seen over the last two decades, and it’s set to get greater still as the Internet of Things gains traction. Our attack surfaces have never been larger, and our cybersecurity skills and practices have failed to keep pace. In short, the cybersecurity labour shortage will not plateau. Businesses need a solution, and fast.

The challenges ahead

Right now, hiring cybersecurity professionals can be a costly process. Security experts are in high demand and so you may find their salaries run beyond your allocated budget, even if your company takes security seriously.

Onboarding is also a major investment, from both a time and cost perspective. They will require time to familiarise themselves with your systems, infrastructure and business processes, so it can take many months before they are adding value.

What’s more, even after a laborious onboarding process, there is no guarantee of retention. Because cybersecurity experts are in such high demand, it is becoming increasingly difficult to retain their services. Other companies, with potentially larger budgets, can tempt your experts away with the promise of lucrative salaries.

This isn’t to say that any cybersecurity professional you hire will cut and run at the first sight of a bigger pay cheque or a more comprehensive benefits package. You might not be left with a skeleton crew, but you do need to be aware of the realities of the current labour market. Unless your organisation can match the top offers, one of those 1.8 million unfilled security roles could be yours.

It’s a far from ideal situation. But there is a solution to this growing problem. And that solution is to skirt it entirely.

A new model for Cybersecurity

Today, many businesses are cottoning on to the fact that the old model of cybersecurity – recruiting people to work in-house – isn’t fit for their purposes. Instead, they are turning towards cybersecurity partnerships to protect themselves while avoiding the expensive and lengthy hiring process.

A cybersecurity partnership is a collaborative effort between a specialist service provider and your business. Much in the same way that many businesses outsource the marketing to external agencies, outsourcing security expertise can prove more cost-effective while delivering many of the benefits of having an in-house security team.

The right cyber partner will make your work easier by calling upon their wealth of experience from the front lines of cybersecurity, offering a strong mixture of disciplines and capabilities to help keep your business secure. They will be continually honing their skills and improving their services to give you peace of mind.

They will also offer a range of services to suit what your business actually needs. Whether that’s implementing a new holistic cybersecurity strategy, assessing and maintaining existing practices and infrastructure, or offering a specific service such as 24/7/365 protective monitoring, they should quickly gain a deep understanding of how your organisation functions. Ultimately, they must work as an extension of your existing team to provide the solutions that are relevant to your business and be on-hand when required.

So, while the cybersecurity skills gap will continue to grow, there are alternatives out there that may save you and your business from a lengthy and expensive hiring process. Perhaps a different approach will work for your business.

For an in-depth look at what you can do to ensure your business is safe in the midst of the cybersecurity skills gap, be sure to read our whitepaper ‘Solving the Cyber Skills Crunch: A New Model for Cybersecurity’.

Other resources

Case studies

Our cyber consulting team works with clients from public sector bodies and global businesses to SMEs and start-ups. Read our success stories here. Learn more >


See what our team have been discussing around current issues in regulation and data security, and recommended processes and policies that will benefit your business. Learn more >


In our collection of whitepapers, Cyberfort’s cyber consulting experts explore issues from cyber threat intelligence to incident planning and data security. Read our whitepapers to help make informed decisions for the benefit of your business.Learn more >