Nearly three-quarters of businesses have admitted that the shortage of security skills means that they would consider hiring an ex-hacker in a bid to stay ahead of cyber criminals.
A KPMG survey of 300 senior IT and HR professionals at organisations employing over 500 staff found that many companies face challenges in finding and retaining people with the skills to confront cyber threats.
Three-quarters of those surveyed said that they face new cyber security challenges that demand new skills to defeat, while 70 percent admitted that their organisation lacks data protection and privacy expertise.
Despite 60 percent of respondents claiming to have a strategy to deal with skills gaps, 57 percent said that it has become increasingly difficult to retain skilled cyber security staff over the past two years owing to aggressive headhunting.
Many of those surveyed indicated that the challenge arises from the different skills needed for cyber security as opposed to traditional IT roles.
KPMG suggested that this situation is pushing companies to consider hiring ex-hackers who have turned to cyber security.
Some 53 percent of respondents admitted that they would consider hiring a cyber security expert even if the person had a criminal record for hacking.
Serena Gonsalves-Fersch, head of KPMG’s Cyber Security Academy, explained that companies are becoming more aware of the need for security skills, but she does not believe that hiring hackers is the way ahead.
“They wouldn’t hire pickpockets to be security guards, so the fact that companies are considering former hackers as recruits clearly shows how desperate they are to stay ahead of the game,” she said.
“Rather than relying on hackers to share their secrets, or throwing money at off-the-shelf programs that quickly become out of date, UK companies need to take stock of their cyber defence capabilities and act on the gaps that are specific to their own security needs.”
The UK’s digital skills gap is a major concern for the technology sector. The National Audit Office predicted last year that cyber crime costs the UK up to £27bn a year.
The government hopes to close the skills gap by urging technology companies to support the education sector in building up the digital skills needed for the future.