In 2020, a Cyber Security Skills Survey was conducted with Cyber Ireland members to provide a better understanding of the current labour market for cyber security skills in Ireland. Over 80 respondents from industry provided data on: Cyber Security Roles & Certifications, Hiring & Retaining of Staff, Skills & Training, and Gender Diversity Programmes. The results have highlighted strengths and identified challenges, including Cyber security skills gaps (people lacking appropriate skills) and skills shortages (a lack of people available to work in cyber security job roles). These shortages are impacting organisations of all sizes (micro, small, medium and large), across a range of sectors, including indigenous and foreign owned companies. To address these challenges, recommendations are made that need to be jointly addressed by industry, academia and government.
The cyber security cluster in Ireland will continue to grow, in line with international trends of a growing cyber security market and demand for talent:
• 62% of organisations plan to hire in 2021.
• 82% will hire technical security staff and 50% will hire new graduates.
• Twenty organisations noted they have 70 open cyber security positions in total
• 81% of organisations have staff with a general technical degree, 50% with cyber security master's degree and 11% with PhDs.
This bodes well for the growth of the cluster but asks questions of whether the Irish labour market has the skills available to meet this growth and take advantage of international opportunities.
Cyber security teams are understaffed and there is evidence of a significant skills shortages:
• 41% of organisations security teams are understaffed and a further 5% are significantly understaffed.
• 48% of the companies have open or unfilled cyber security roles.
• For 19% of organisations it takes six months or more to fill a cyber security role
• 43% of cyber security hires are from outside of Ireland (28% from Europe and 15% outside Europe),
• Most difficult roles to fill are: Security- Engineer, Analyst, Architect, Consultant, Specialist.
Skill Gaps (people lacking appropriate skills)
Skills Gaps were identified as a serious challenge impacting industry.
• 77% of the open (unfilled) cyber security roles are technical cyber security positions,
• 34% of respondents cite a lack of technical skills as the primary reason for open roles not being filled
• To address skills gaps, 65% have increased staff training, almost 30% have increased their reliance on artificial intelligence or automation and 25% increased their reliance on certification to attest to tactual skill mastery.
There are significant investments in upskilling and training by organisations:
• 72% have conducted an analysis of their cyber skills needs.
• 52% have a formal cyber security training programme.
• 32% were dissatisfied or unsure of the effectiveness of their training programme.
• Almost all organisations (93%) support their employees in furthering their cyber security education and certification.
New graduates from undergraduate and short-term courses, in particular apprentice programmes, play a vital role in addressing skills shortages and skills gaps if graduates’ skills meet the requirements of industry:
• Graduates’ salaries in cyber security roles are attractive with almost a third earning between €25k-€35k and a third earning between €35k - €45K.
• Over a quarter (26%) of organisations believe graduates are less qualified than expected and 5% are poorly qualified.
• Only 17% of organisations had a staff member with a cyber security apprenticeship
The cyber security sector is male-dominated in Ireland and organisations are experiencing difficulties in retaining women:
• 27% of organisations have all male cyber security teams and 42% have significantly more men than women.
• 27% of organisations have difficulty in retaining women in their cyber security team.
• 30% of turnover is due to “family situation changes (e.g. children, marriage)”
• 44% of organisations don’t have a diversity programme to support women weren’t aware if such a programme.
The results have highlighted strengths and identified challenges, including Cyber security skills gaps and skills shortages. These shortages are impacting organisations of all sizes (micro, small, medium and large), across a range of sectors including indigenous and foreign owned companies. To address these challenges, recommendations are made that need to be jointly addressed by industry, academia and government.