Skills Shortage Threatens Cybersecurity of Companies

With increasing digitization, the threat of cyber attacks is also rising and so is the demand for IT security experts. According to the latest Risk & Cybersecurity Study by IT business Tata Consultancy Services (TCS), companies see the biggest challenge in cybersecurity not in the budget, but in the lack of professionals with relevant expertise. According to the study, half of European companies (49 per cent) plan to hire professionals with cybersecurity skills in the future, with that figure rising to two-thirds (65 per cent) in the US.

Skills shortage among top challenges for cybersecurity

Chief risk officers (CROs) and chief information security officers (CISOs) report in the survey that they have already had difficulty attracting (44 per cent) and retaining (42 per cent) talent with cyber risk and security skills in the past year.

The second biggest challenge according to the CROs and CISOs is a changing work environment with increased possibilities for remote work and the associated risks. For example, innumerable employees had to be given remote access to their employer’s systems and databases at short notice due to the pandemic and the resulting move to remote work. This opens up new points of attack for cybercriminals. Assessing security risks and quantifying their costs is the third biggest obstacle for the respondents.

Cybersecurity not a budget issue

Only tenth place in the ranking are budget constraints. The fact that the latter are affecting fewer and fewer companies is shown by the high level of willingness to invest: 52 per cent of European companies and 62 per cent of North American companies stated that they had increased their budgets for IT security since last year.

Commenting on the study’s findings, Gerard Grant, Director, Strategic Initiatives at TCS Ireland said “Keeping abreast of the most advanced tactics of cyber criminals is not a question of cost. Rather, the challenge lies in finding and retaining the right professionals with the required know-how.”

TCS employs over 1,100 people in Ireland across a range of high-skilled tech related roles. TCS operates a state-of-the-art Global Delivery Centre based in Letterkenny which includes an innovation lab and plans are now in place for building further business units, together with centres of excellence in cyber security and cloud services.

How companies ensure they have a recruiting edge

One measure alone can’t solve the skills shortage. “However, companies can help fill the skills gap by using external service providers for harder-to-staff work, such as 24/7 network monitoring, while growing talent internally by giving them exposure to not only the technical but the business aspects of cybersecurity,” says Gerard Grant. In addition, the study shows that the more frequently the board of directors engages in cybersecurity, the more successful the company is in finding and holding onto their top talent with cyber risk and security skills.

TCS’ study also finds that talent retention directly correlates with how a company stores its information. Cloud-positive organizations were found to have a slight advantage in retaining and recruiting talent with notoriously hard-to-find cyber skills, compared to those companies who think that on-premises or traditional data centre security is preferable to what is available via the cloud. In fact, embracing cloud platforms gives companies a five-point advantage in recruiting and retaining talent with cyber risk and security skills.

“As businesses look to keep up with rapidly evolving complexities in cybersecurity, the talent gap is widening,” said Bob Scalise, Managing Partner, Risk and Cyber Strategy, TCS. “Demonstrating a serious commitment to cybersecurity by sustained attention from senior leadership, funding, and process changes will be vital to recruiting and retaining top talent.”

The TCS Risk & Cybersecurity Study, published by the TCS Thought Leadership Institute, highlights the most pressing cybersecurity issues facing senior business leaders across Europe and North America. The study is based on the results of a survey of more than 600 CISOs and CROs, from companies with at least $1 billion in annual revenue, across banking & financial services, utilities, media & information services, and manufacturing. Topics include global risk, cybersecurity, resilience, and ecosystem/cloud security. The survey took place in February and March 2022.

To view the full report and receive more information, visit