Cyber security and IoT — the two should go hand in hand.
But, UK businesses are struggling to find the right blend of security skills to harness the power of the Internet of Things (IoT).
This is according to the latest Experis Industry Insiders report, which examines how the growth of IoT is impacting the cyber security jobs market.
The emergence of IoT as an asset that needs to secured is driving employers to think differently about their business and workforce strategies.
The IoT era
Gartner predicts that 25 billion connected things will be in use by 2021. This presents a huge opportunity for businesses to harness data, optimise their operations and deliver more relevant experiences to users.
But, there’s always a but… this new technology also opens up more vulnerabilities to potential cyber threats, because they are insecure by design. The report says that to succeed, businesses need to be able to capitalise on the promise of IoT without exposing themselves to dangers, and that all starts with talent and skills.
It’s also critical to have security built into these IoT devices in the design stage — that way, they are less vulnerable to cyber attacks and less likely to be taken over in malicious botnets.
2.8m UK businesses vulnerable to IoT and OT cyber attacks
Cyber security skills shortage
The latest Experis Industry Insiders report shows that there were 13,214 cyber security roles advertised in Q4 2018 — up 10% year-on-year and 16.6% from the previous quarter.
Average cyber security salaries dipped 2% year-on-year to £58,557 (a surprising figure, perhaps), while contractor day rates soared by 19.6% during the same period, to £505. So, the report reveals that while demand for cyber security professionals continues to rise, businesses are prioritising short terms fixes via contractors, over long-term solutions to their talent needs.
Cyber security and IoT
IoT is currently a much smaller jobs market, but the demand for these roles also rose 48.8% to 4,968 in Q4 2018 — from 3,338 in the previous quarter.
Both permanent salaries and contractor day rates also increased year-on-year as well, by 1.5% and 4% respectively.
The demand for IoT technology skills is building, and could be set to soar, alongside the business demand for the technology, over the next few years. With the cyber security market already stretched, businesses will need to consider creative solutions to both skill sets if they are to harness the power of IoT technology securely.
Martin Ewings, director of Specialist Markets, Experis, comments: “IoT offers huge opportunities for organisations, if they have the right cyber security foundations in place to take advantage of new innovations safely. We can see that there is a strong demand for top talent, but the market is struggling to keep pace. Businesses are having to be creative and take a blended approach to their talent acquisition strategies – tapping into the contractor market to build a hybrid team of permanent and temporary workers. In doing so, they can have fast access to the skills they need right now, while taking a longer-term view by building permanent capabilities and investing the time required to enable strategic development.”
An analysis of job titles reveals that it is front line workers who are most in demand. In cyber security, there are more open vacancies for security engineers, consultants, architects and analysts than any other position. For IoT-related postings, software engineers, technical architects, managers and testers are most sought after. This highlights how much emphasis is being put on actually being able to build and analyse, in both areas of technology.
It’s time to take IoT security seriously
Higher cyber security salaries on the horizon: show me the money
According to the report, this increased demand for workers in these roles translates into higher remuneration, with security and technical architects being among the best paid in both sectors. Information security architects, for example, can command up to £87,658, less than £2,000 short of the advertised salary of a head of information security, while IoT-focused technical architect roles were being posted with an average pay of £77,341.
“The rise of IoT is transforming the world of cyber security and the focus is now on being able to spot, isolate and deal with anomalies in data,” continues Ewings.
“As more devices are connected, data is continually passing in and out of an organisation. Trying to put a wall around all of it simply is not possible, so cyber security is shifting towards allowing data to pass unhindered, but monitoring it for unusual or unexpected patterns. We’re seeing the skills that are most in demand shift with this trend – from security information and event management (SIEM), in tools like LogRhythm, QRadar and Splunk; to auditing and compliance experience with Qualys, or knowledge of implementing holistic security tools from Sophos or Symantec.”