Skip to content
Back to Blog Security professionals reading research
Cyber Security calendar    Apr 29, 2020

76% of cyber security leaders face skills shortage in fight to improve the value proposition

An outline of the latest findings of the Stott and May Cyber Security in Focus 2020 research reveal that leaders are still struggling with the skills gap and access to talent.

London – 28 April 2020 – The latest findings of the Stott and May Cyber Security in Focus research reveal that leaders are still struggling with the skills gap and access to talent. Most respondents (76%) believe there is a shortage of cyber security skills in their company, which represents an improvement on 2019 (88%), however, the problem still seems more potent for mid-market and large enterprise businesses. Organisations are still struggling to source cyber security talent (72%) with no material improvement around time-to-hire from 2019.

Not all roles are created equal

Security leaders are finding some roles more acutely challenging to resource than others with Jim Rutt (CISO at the Dana Foundation), one of the participants in the research, stating “I think it’s more apparent in individual contributor roles like Security Architects, Security Engineers and high level SecOps professionals. There’s a shortage of good talent in those areas, emphasising the word ‘good’. But at that leadership level, whether it be Directors or CISO’s, I see no real shortage.”

The biggest barriers to strategy execution

The panel of security executives selected for the report revealed that internal skills were in fact the largest barrier to strategy execution in cyber security functions (39% felt this way) followed by budget (30%), board level buy-in (22%) and technology (9%). Creating a headache for security leaders to resource their functions more effectively. 46% of respondents believed that Machine Learning and AI could offer part of the solution in terms of automating more workloads to reallocate people resource to higher profile projects. Others (30%) were looking to get more creative around hiring internal talent with transferable skills.

Upskilling talent with transferable skills is likely to become more challenging in the backdrop of the COVID-19 pandemic as Stuart Mitchell, Head of the Cyber Security practice at Stott and May explained “businesses have been very deliberate in retaining their top end security talent amidst the layoffs in other areas. Where I see the real impact is at the junior level where companies will be reluctant to onboard inexperienced staff during and in the immediate aftermath of the pandemic due to the physical challenges of coaching them during this work from home period.”

The growing impact of security on the value proposition

This all comes at a point where cyber security functions have a greater role to play in improving the value proposition to customers. Buyers across all sectors are becoming more educated on the issue of cyber security and data privacy, creating a knock-on impact on purchasing trends and profitability. 69% of the sample stated that their organisation believed that the cyber security function had a positive impact on the value proposition of the organisation.

There’s little doubt that respondents see cyber security moving up the list of boardroom issues, with 54% stating their businesses treat the issue as a strategic priority. This perception seems to be even stronger in high growth mid-market firms, with 83% pointing towards its strategic significance.

The Stott and May Cyber Security in Focus Survey examines the key issues that have made an impact on the market over the course of this year. The research is based on the collective experience of 55 cyber security leaders sourced from Stott and May’s professional network. Respondents were asked to share their views across a wide range of issues including, but not limited to, the skills shortage, the boardroom perception of cyber security, talent attraction and the challenges associated with securing business in the cloud.

The full report is available here.

Our infographic 'Cyber Security The Route to Business Impact is available here.

For further enquiries contact:
Dave Struth
Head of Marketing
0207 993 7145

About Stott and May

Founded in 2009 Stott and May are a professional search firm with a passion for helping leaders achieve complete confidence that they have hired the right talent, first time in fiercely competitive markets. We believe you should never have to make the choice between quality of candidate and time to hire.

As a result, our business has been founded on the principle of offering a premier standard of search service delivered in vastly accelerated timescales, that our competition simply cannot match. Because after all this is about more than just recruitment, it’s about turning your business vision into reality.


Head of Marketing


Subscribe to our newsletter

Get the latest hiring insights direct to your inbox.

Latest Articles

3 tips for creative recruiting in incident response

3 tips for creative recruiting in incident response

We recently spoke to Jenna Zucali, Chief People Officer at Surefire Cyber, as part of our Cyber Insurance: Talent Trends Review 2023 report...

5 great examples of inclusive job adverts

5 great examples of inclusive job adverts

Creating an inclusive job advert is an essential first step when attempting to attract diverse talent. It forms a candidate's first impress...

51% of CISOs see budget as biggest barrier to strategy execution

51% of CISOs see budget as biggest barrier to strategy execution

Stott and May's Cyber Security in Focus report explores the trends affecting CISOs, providing insights into the questions at the forefront ...