Mapping IoT and cyber skills

IoT can dramatically improve a huge number of the ways in which we work and live. Yet for every silver lining, there’s a cloud.

For businesses, IoT offers a huge opportunity to harness data, optimise their operations and deliver ever more relevant experiences to users, whether employees, consumers, or other businesses. But it also represents a significant challenge. As organisations become more connected, their digital footprints grow. This increased surface area offers opportunities for hostile parties to penetrate deep into enterprises’ systems. Whether a smart factory, connected home or autonomous car, cyber criminals have a host of new entry points to exploit and wreak havoc. According to Deloitte, 40% of professionals report that managing increasing amounts of data and connected device security pose the greatest cyber security challenges to their organisation.

This leaves organisations needing to capitalise on IoT related opportunities, without exposing their operations to significant cyber threats. In these instances, many people’s initial reaction is to think of the technology required to deliver those objectives. How can we acquire the tools, the infrastructure, the systems to deploy and protect IoT sensors? How will we gather, analyse and action the resulting data? And how can we do all this, while protecting our businesses from increasing threats?

Yet to think implementing and securing IoT is just a matter of hardware or software is to overlook the role of people. As with any technology, having the right skills and abilities in place is as important, if not more so, as having the appropriate tools. Cyber security talent has long been a major focus for employers, with the need such that research house Cyber Security Ventures predicts there would be 3.5 million unfulfilled cyber security job openings by 2021. Professionals with the necessary IoT skills are seeing a similar boom in demand.

Getting the right balance of skills is not straight forward. All companies can be distracted by shiny object syndrome. IoT is new and exciting, while cyber security is about dealing with threats and could be perceived as restricting access, rather than enabling safe innovation.

With increased demand for both cyber security and IoT skills, one would expect spiralling salaries and every-growing demand.

To an extent, that’s true. Following a review of vacancies covering both permanent and contract roles, in Q4 2018 there were 13,214 cyber security roles across the whole of the UK. This equates to a year-on-year increase of almost 10%, up from 12,064 roles at the end of 2017. When looked at quarter by quarter, that demand has spiked – up 16.5% from Q3 2018 to Q4 2018.

However, that has not necessarily equated to an increase in salary. At the end of 2018, the average salary for permanent cyber security roles in the UK was £58,557, rising to £63,243 in London – a drop of almost 2% nationally year-on-year. For contractors, the picture was much better, with the average day rate climbing 19.6% from the previous year, to an average of £505.

This perhaps suggests that organisations are prepared to move quickly to acquire the skills they need immediately, but then taking a longer view of what they need on a more permanent basis.

When it comes to IoT salaries, both permanent and contractor remuneration has gone up year-on-year – by 1.5% for the former, and just above 4% for the latter. The rise suggests that demand will pick up in the next few years – assuming organisations can address their security concerns.

When it comes to the types of roles required, an analysis of job titles reveals that it is the front line that is much in demand. In cyber security, security engineers, consultants, architects and analysts are required most. While in IoT related postings, software engineers, technical architects, managers and testers are most sought after. This highlights how much emphasis is being put on being able to build and analyse, in both areas of technology.

IoT offers huge opportunities for organisations, if they can get the right balance with security. By hiring the right talent, businesses will be better placed to fully protect their operations from malicious attacks. To do that, they need to have a broad perspective on how, who and what they hire, and how they develop their existing staff. Only through a blended approach that covers the broadest relevant talent will they acquire the ability to protect themselves against cyber threats without hampering their IoT potential.

To find out more about the changing demand for IoT and Cyber Security, download the latest Industry Insiders report below.