#HowTo: Solve the Cybersecurity Skills Gap in the Banking Sector

Written by

The threat of cyber-attacks remains a perennial concern for banks today. Financial services firms are 300 times more likely to be targeted by a cyber-attack than other companies. In fact, 63% of financial institutions experienced increased attacks this year, leading one-third to increase their cybersecurity budgets by 20 to 30%.

Cybersecurity touches all aspects of a financial institution, from overall strategy to data protection, communications to customer service. As such, a commitment to cybersecurity needs to be part of the organization’s DNA – championed by the C-suite and infused into every level and department.

Yet, no matter how much money is invested in cybersecurity, financial institutions must prioritize hiring qualified individuals. These skills are nevertheless in high demand, and professionals with the right technological background are in short supply.

Randstad Sourceright’s new 2022 Global In-Demand Skills Report cites cybersecurity as a top 10 high-demand skill. With an average job vacancy rate or the percentage of jobs requiring cybersecurity skills that are unfilled of 14%, cybersecurity jobs are the second most difficult roles to fill, after only cloud computing. One study even suggests that there are currently 3.5 million unfilled cybersecurity jobs, highlighting the scarcity of such talent and the reality for employers looking to fill them.

Developing Home-Grown Cybersecurity Talent

An alternative to dealing with the challenges, expense and time it takes to hire external cybersecurity workers is developing them in-house. Through such an approach, banks can create the cybersecurity forces they need to be vigilant and mitigate the risks of cyber-attacks. This can include upskilling current tech talent on the latest security strategies or reskilling those in related roles who show aptitude. 

Research from McKinsey reveals that 44% of surveyed technology workers started their careers in non-IT fields, suggesting that a degree and years of experience in the field aren’t necessary to be successful in a technical role. Also important are the soft skills associated with cybersecurity positions, which this year’s Global In-Demand Skills Report identified as communication, collaboration and problem-solving.

Whether they have IT backgrounds or not, the benefits of training current employees to meet the bank’s cybersecurity needs are numerous – from leveraging people already familiar with the company, its processes and culture to avoiding the expensive process of starting from scratch for external hires. 

Of course, such training should never be one and done. As criminals become more sophisticated and banks remain big targets, the program should be continually refreshed to equip employees with the latest knowledge of cybersecurity. It should also extend to other departments on how to respond to questions about the bank’s cybersecurity efforts and how to respond if a cyber-attack does occur. 

Creating a Better Workplace

In today’s tight labor market, offering the ability to grow into different and increasingly important roles can be a huge factor in retaining your best talent. Training select workers in cybersecurity sets them up for a more successful future by adding new skills to their resumes, increasing their value to the organization and growing their future earning potential.

Identifying internal candidates to be reskilled or upskilled can also enhance diversity, equity and inclusion (DEI) initiatives by giving employees of diverse backgrounds the chance to embark on a new career path. For example, the 2022 Global In-Demand Skills Report found that cybersecurity is one of the least gender-diverse fields, with only 16% of cybersecurity talent being female. Recent research also indicates Black and Hispanic bank employees are more likely to be in entry-level roles with limited opportunities

Focusing on the employee experience alongside these new growth opportunities is also worthwhile. For example, flexible working schedules are important to address talent shortages – while Randstad Sourceright’s Talent Trends research shows that 80% of banking and financial services leaders recognize this, only 38% report that their organization currently use such a strategy. Stepping up efforts to enhance employee wellbeing can go a long way in creating a satisfying work environment that keeps talent engaged and eager to stay. Taking stock of the team’s skills, how they can be transferable to other roles, and how employees can be further developed will also help with retention.

A Win-Win Situation

The combination of high competition for skilled workers and growing cybersecurity threats means banks must think outside the box to ensure they have the support they need to protect themselves and their customers. Looking at the current workforce and providing existing employees with the training and development to assume cybersecurity roles can fill those gaps. Doing so also presents a unique opportunity to improve diversity, and employee retention is just icing on the cake.

What’s hot on Infosecurity Magazine?