Opportunity abounds within cyber security
The increased number of data breaches across the globe, the ability of malicious actors to operate from anywhere in the world, the linkages between cyberspace and physical systems, and the difficulty of reducing vulnerabilities and consequences in complex cyber networks.
These are just some of the factors fuelling the growth of the cyber security market, which is expected to grow globally from an estimated value of $173.5 billion in 2022 to $266.2 billion by 2027 – at minimum. Some experts predict the global cyber security market will be worth as much as $403 billion by 2027. This is from an approximate global market size of $86.4 billion in 2017, which highlights to what extent cybercrime has grown over the last five years – and will continue to grow.
However, such exponential growth brings the urgent need for more trained cyber security professionals, a challenge often overlooked by those outside the cyber security industry. It might be obvious that as organisations become increasingly digital, they leave themselves exposed to newer and more dangerous threats. But what about the people who deal with those threats and safeguard organisations? Skills and talent shortages, issues with employee retention, highly skilled technical workers being promoted to leadership roles without the requisite soft skillset or management training – these are just some of the challenges the cyber security industry faces as a result of the industry’s massive growth.
Take Ireland as a case study. According to the most recent State of the Cyber Security Sector in Ireland report from Cyber Ireland, it is estimated that annual cyber security related revenue in Ireland reached approximately €2.1 billion for 2021, with 489 organisations employing 7,300 people and contributing €1.1bn in Gross Value Added (GVA) per annum. Yet 61% of organisations in Ireland have personnel-related issues (i.e. lack of candidates with the appropriate skill level, competition for staff, lack of non-technical skills, or unaffordable salaries) with a further 10,000 cyber security workers needed in Ireland to plug this critical skills gap. High-performing employees tend to move on after 2-3 years, while remote work throws up further challenges, with employees getting further away both from physical interaction and from connecting with their organisation’s purpose, mission and values.
One organisation attempting to meet this challenge is Cyber Ireland, the national cyber security cluster organisation bringing industry and academia together. “We’ve set out a goal to develop a pipeline of homegrown cyber security talent in Ireland and have made significant progress over the last four years,” said Eoin Byrne, cluster manager in charge of education outreach for Cyber Ireland.
“Through engaging with four Irish universities, MTU, Technological University Dublin, University College of Dublin and UL, the Cyber Skills project was created to address this specific industry skills shortages and awarded funding of €8.1m by the Higher Education Authority.”
Byrne’s goal is to “put Ireland on the map” as a cybersecurity leader in Europe, via building the community, developing a cyber security talent pipeline, building an R&D ecosystem and supporting Irish companies to scale and export which includes much needed investment (although global investment in cybersecurity firms surpassed $20 billion, Byrne recently notes that many Irish companies faced issues around securing investment in Ireland).
To achieve this mission requires leaders with a skill set that goes beyond technical proficiency –one based around an awareness of a leader’s own leadership style, an ability to become an effective communicator, growth in their emotional intelligence and the skill to cultivate engagement, wellbeing and a culture of psychological safety.
These skills are sorely lacking in the Irish, European and global cyber security landscape. Due to talent and skills shortages resulting from the exponential growth of the industry, oftentimes highly skilled technical folk are put into management and leadership positions before they have developed the soft skills required for a management role. To help develop these skills in cyber security leaders and solve the “translation challenge,” Cyber Ireland has partnered with the Irish Management Institute.
Quite often, technical people speak a language no one else within the organisation understands, but they also struggle to understand business language and how to frame and discuss technical issues within a wider business context.
The big challenge is to marry and translate cyber and general business issues, so everyone is talking about the same things with a view to the same goal, which is making our organisations successful, competitive, relevant and safe. Because cyber security isn’t ‘just’ a technology issue – it’s a mindset around how we think about technology. It’s a people, board and leadership issue.
Ireland stands on precipice of becoming a world leader in cyber security. With the sector growing at a rate of over 10 per cent per annum, the Irish cyber security sector could employ over 17,000 people and create €2.5 billion of GVA by 2030 – if such growth continues. The aim of the project between the IMI and Cyber Ireland will be to develop leaders who can help the cyber security sector meet its growth targets by instilling a dynamic, agile and flexible mindset into teams while navigating a world that is hyper-connected, hyper-disrupted, and where today’s business models may not be relevant tomorrow.
To find out more about the IMI Leading in Cyber Security programme, you can visit this link.