Today was the original deadline for the UK’s exit from Europe. We’ve pushed it off a little — exactly how far is yet unclear — and the signs are that continuing uncertainty about the UK’s future status in Europe is exacerbating the cyber-skills shortage.
The cybersecurity industry is suffering, according to Simon Hember, group business development director at specialist cybersecurity recruitment agency Acumin.
“The demand is going one way and the supply is going the other, which is causing a lot of issues,” he says. “We're seeing a diminishing supply of foreign nationals coming into the UK to fill some of those cyber-jobs. That is certainly causing quite a lot of challenges, particularly around wage inflation.”
His experience reflects research from venture capital firm Atomico, which surveyed 5000 tech workers across Europe late last year. It found that the UK was the largest consumer of inbound technology talent (not just cybersecurity) from Europe, taking a full third of all tech workers migrating within the EU. Roughly half of the UK tech workforce comes from elsewhere. Yet the UK has seen the biggest decrease in immigrant tech workers, the report found.
This echoes the results of Infosecurity Europe’s cybersecurity skills poll, released this week. The event asked 9700 Twitter followers, along with the CISO community, what cybersecurity skills issues they were experiencing. The biggest barrier to recruitment was a lack of technical talent, it found.
Along with Hember, Chris Batten, director at Rant, a networking and discussion community for cybersecurity professionals in the UK, is equally concerned about the Brexit effect on UK cybersecurity skills. He believes that relationships between the UK and other European cybersecurity hubs have eroded, and that the possibility of restrictions on labour movements isn’t helping.
“We're having to look at home grown graduates specifically in the UK in order to fit to facilitate the demand, and that's not an easy thing,” he says. As the external assessor for MSC and BSC courses at three universities, he warns that there are not enough technical skills coming out of the UK education system.
Josh Keeley, recruitment manager in the cloud computing and cybersecurity division at recruitment company Blackthorn Trace, hasn’t seen much impact from Brexit to date. He thinks that may change if the UK does leave.
“Post-Brexit we may see the fact that some companies will hire more contractor and interim staff, especially at the senior level, because they may not want to bring on the headcount,” he warns. Companies uncertain about their future plans, especially their office location, might not want to commit to permanent staff, he suggests.
The more uncertainty we see around Brexit, the bigger the chilling effect on cybersecurity talent in the UK is likely to be, especially as other EU countries hone their cybersecurity expertise, and at least for the time being, that uncertainty seems set to continue.
The topic of Incident Response & Security Operations will be covered throughout the free-to-attend conference at Infosecurity Europe in London from 4-6 June. See all the talks on Incident Response & Security Operations here. Infosecurity Europe is the leading European event for information and cyber security; find out more and secure your free visitor badge.
