The UK public sector has struggled historically, to prioritise and attract information security talent across both central government departments and wider public sector bodies. The reasons for this are manifold; not least the widely held negative perceptions from those within the cyber security profession concerning public sector authorities as potential employers and the lack of career advancing opportunities. The truth is somewhere in the middle, the reward structure offered by the public sector is not competitive and generally inflexible, and recruitment processes and practices can be protracted and bureaucratic.
The disparity in pay between the commercial and public sectors for cyber security roles has created an intelligence culture within the labour market, of the public sector being ‘priced out’ comparative to large scale end user organisations.
With cyber security skills becoming increasingly premium over the past 20 years, the cyber security skills market’s power lies firmly with the candidates for both private and public sector worldwide.
Wide-scale media coverage of cyber security attacks such as WannaCry and Petya affecting both private and public organisations, leaves public opinion on how the country will cope if such global attacks continue, dipping.
The result for the public sector is an increase in pressure to find suitable skill sets equipped at preventing further negative impact from attacks.
The commonly held perception that the public sector is not a competitive employer of cyber security talent needs to be challenged as the UK public sector has been working on this salary shortfall in recent years and is now a far more competitive player in the market, but securing permanent placements continues to be a challenge.
Acquiring the necessary cyber security skill sets within the Public Sector has typically been managed by hiring larger quantities of contract staff during the past decade. These roles have been easier to fill, as day rates can be more competitive for the market.
Take up of any cyber security role is still obviously dependant on the personal motivations of each candidate. Whilst contingent labour is still an attractive option to both candidates and the public sector; it also is an expensive one. Moreover, the nature of cyber security operations are complicated in that the constant changeover of contract staff can lead to discrepancies in processes or team productivity. Public sector authorities need to hold onto corporate knowledge and gain the advantages, which you reap for hiring strategies, which deliver continuity in terms of staff retention.
The government has committed £1.9bn over the next 5 years to expanding national cyber security defence, and now moves its attention on how to move past its previous performance in securing permanent positions. Recruitment and Staffing Services agencies have to find a mutually beneficial relationship with government agencies and strategically align themselves to actual needs.
Acumin has supported and been at the centre of the wider cyber security industry for nearly 20 years, building relationships with the public sector for around 15 of those years. Acumin is a division of the Red Snapper Group; who have enjoyed huge market success as a staffing, learning and media services provider to the public sector; most notably law enforcement.
The Red Snapper Group has delivered staffing and managed services contracts with government departments and local authorities on a large scale for over 15 years and is a member of the top 100 SME suppliers to the public sector.
Acumin has fortified its own knowledgeable internal culture with Red Snapper’s extensive practical experience working with the public sector to supply much more than an average recruitment package. Approved as a Crown Commercial Supplier and active on several government frameworks, Acumin fulfils roles on behalf of government agencies.
More than that, Acumin supplies a joined up set of services which deliver both immediate answers to the public sector’s need for cyber security talent whilst at the same time assisting with the process of ensuring the authority has a long term sustainable outcome. The Acumin public sector cyber security contractor service comes with, as standard, a supporting media, talent acquisition campaign that is designed to funnel eligible candidates looking for permanent contracts directly to the department.
The service costs no more than engaging contracting staff however, it delivers so much more.
In a similar vein, the Red Snapper Group has succeeded in the market by being able to pioneer a way of adding value to teams through upskilling labour. By providing senior skilled staff to work closely with those who need more direct training, Red Snapper have built a successful model of creating a continuous stream of well-trained staff that are invested in their role. A dozen public authorities to create more sustainable outcomes have used the RSG mentor program. A blended approach is taken in terms of hiring trainees and more junior staff, who are coached by senior contract staff. RSG provides a performance management, professional development wrap around to the whole process identifying when the more senior contracting staff can be jettisoned.
Acumin is in a fortunate position, in that it can draw upon the lessons and resources used by the Red Snapper Group and apply it alongside their deep understanding of the total information security market – to provide a unique recruitment services proposition to the public sector.
Time will tell if such enterprises are able to project the UK public sector towards a long terms sustainable solution that will help prevent wide scale cyber-attacks, and allow the public sector to find a better balance of permanent information security staff within their department labour split.