3 ways the IT Security workforce is changing

3 ways the IT Security workforce is changing
Recent months have seen countless companies – big and small – hit the headlines, because of cyber security breaches. Add the extensive requirements of the upcoming GDPR reform, and it’s hardly surprising that IT Security now has a firm place at the top of the boardroom agenda.

As business leaders increase investment in defences against hackers, we’re starting to see a shift in how they integrate the necessary skills into their wider workforce. The IT Security workforce is evolving – here are three forces that are currently at work:

1. Employment models are changing

More and more organisations are beginning to realise that IT Security isn’t a one-time project. It’s a critical business component that needs ongoing investment. As a result, businesses are now focused on recruiting permanent IT Security employees. In fact, our latest Tech Cities Job Watch report revealed a 53% surge in demand for permanent IT Security skills year-on-year. That’s compared to a rise in demand of just 15% for contractors over the same period.

Of course, that’s not to say that contractors won’t be important going forward. Far from it. They’ll continue to be a critical weapon in the IT Security arsenal – but they’ll be used differently. In the future, contractors won’t just be called upon to deliver short-term fixes. Instead, smart employers will increasingly use contractors to empower and upskill their permanent workforce. This will allow them to stay ahead of the curve, even as the IT Security environment inevitably evolves.

2. Pay is on the up

Growth in the permanent recruitment market over contractors has been reflected in pay too. Our research found that annual IT Security permanent salaries climbed by nearly 5% across the 10 major UK tech cities compared to the year before. That’s compared to a meagre 0.62% rise in contractor day rates.

With demand for IT security talent at an all-time high, organisations that want to plug their skills gap are willing to pay more than ever before. They recognise that they need to open their wallets, to secure the right people with the right experience at the right time. Without increasing their investment to attract the best talent, their business risks becoming the next cyber security headline.

3. Development is more important than ever

Years ago, we could not have anticipated the exponential growth in technology capabilities. Nor could we have predicted the extent to which technology is now embedded in our lives. Unfortunately, this is reflected in the supply-demand imbalance of IT Security professionals. We’re reliant on them to preserve our safety and privacy as consumers, citizens and organisations – but there are simply not enough of them.

As a result, providing development opportunities is more important than ever before. Nonetheless, it’s challenging. After all, a syllabus developed today would by its very nature be addressing yesterday’s security challenges – not tomorrow’s. Nonetheless, to equip existing and new security professionals with the tools required to defend against future attacks, businesses must foster a culture of learnability and upskilling, to ensure they’re able to keep up with emerging and zero-day threats.


The challenges associated with information security are growing, in line with the exponential evolution of technology and our increasing reliance on it. Some challenges can be anticipated; but many cannot. We need the judgement and skill that only IT Security professionals can provide to navigate this hostile territory. In short, IT Security talent management needs to be at the forefront of your organisational strategy.

Download the latest Tech Cities Job Watch report to find out more.