The Cybersecurity Skills Crisis – The real threat Financial Services firms’ need to address

Technology has acted as the catalyst for many modern-day advances in our quality of life. However, there are two sides to every coin and technology also brings with it new threats to our cybersecurity, as seen in multiple real-world examples, likely taking place as you continue to read this article.


Philip is an experienced Chief Operating Officer, with significant experience in running technology, operations, transformation, procurement and cost reduction initiatives within Financial Services.

Philip Freeborn
Co-Head of Global Markets and Wholesale Banking Services

There has been a sharp increase in the use of cyber-attacks and escalation to cyberwarfare during geopolitical conflicts in recent months. Acts against Israel in the lead up to the October 7th strike by Hamas and the prominence of AI and use of deepfake to allow people to look, or sound, like they’re someone or somewhere they’re not in pursuit of illegal gains, are just some examples.

These topics are at the top of the priority list of businesses and government organisations. The United Kingdom’s AI Safety Summit took place last week, to discuss the risks and opportunities posed by AI. The key outcomes from the summit were both agreement and formal documentation of the risks of AI, and an internationally coordinated mitigation plan.

In due course, regulations and frameworks from similar summits will make their way down to critical sectors, including Financial Services. However, Financial Services firms cannot afford to wait to act. According to the industry body, UK Finance, around £2,000 is lost per minute to fraud, of which most of the cost falls to banks and is caused by cyber risks. Banks are already investing in new systems, employing specialist staff and adding extra layers of checks to prevent cyber-attacks. However, continued investment is required to stay ahead in the cybersecurity arms race.

Cybersecurity supply and demand

Reports of a shortage of cybersecurity talent are one of the most significant risks facing society and in particular Financial Services firms into a critical business risk and reaching crisis levels within many organisations.

Half of all businesses have a basic cybersecurity skills gap, according to 2023 UK government research. But the ISC Cybersecurity Workforce Study 2022 says the gap is growing twice as fast as workforces, with businesses needing 26% more cybersecurity experts each year.

There are several factors contributing to the cybersecurity skills shortage.

  • The fast-growing and changing nature of cyber threats means traditional educators and educational material struggle to keep up. Their courses are often outdated and don’t cover the latest threats and tools available.
  • In a similar vein, cyber threats are by their very nature, such a specialist set of topics that ‘no single individual could realistically be an expert in all of them’, meaning that the demand for more specialists is growing as we as a society become increasingly dependent on technology.
  • Lack of diversity severely limits the pool of potential candidates, further narrowing the talent pipeline. Only 9% of the US cyber workforce is Black, 4% is Hispanic and 8% is Asian, according to the Aspen Institute. And men still outnumber women 3 to 1.

Reskilling and upskilling professionals – A mission to solve the gap

Reskilling and upskilling opportunities are emerging with a mission to train a new generation of cybersecurity workers from diverse backgrounds and open new avenues for professionals from IT and other industries.

New staff will have to train in areas such as modern threat awareness, including phishing, business email compromise, social engineering, and financial fraud. They must also know how to protect and defend data, devices, apps, infrastructure, and people.

Platforms and employers will continue to adapt their offerings to keep pace with emerging threats and technologies, but they can complement traditional education by offering targeted, specialised training that standard programmes may not cover.

Delta Capita’s Cyber Security Solution

Delta Capita is launching its Cyber Academy, powered by ThriveDX Enterprise. The Academy programme hires from diverse backgrounds and trains staff in leading cyber and financial markets skills.

Once fully trained, cybersecurity analysts are deployed to strengthen our clients’ cyber teams, address their skills shortages, and solve the diversity gap in cybersecurity.

This DC Cyber Academy programme adheres to globally recognised cybersecurity education frameworks. It emphasises hands-on learning through virtual labs and real-world simulations, enabling learners to apply their knowledge in practical scenarios.

Learn more about how the Cyber Academy and Delta Capita'sCyber offerings can help you.