Businesses today are waking up to the importance of adequate protection against cybercrime and have begun to invest heavily iron-cladding their digital infrastructures. Accordingly, the cyber insurance market is expected to grow at an astounding Compound Annual Growth Rate of 25.30% between 2022 and 2028. However, such rapid growth is set to open the floodgates on an already-problematic talent shortage in its workforce.
A lack of trained professionals with knowledge and understanding of cyber security, coupled with a decreasing insurance workforce, makes recruiting into the cyber insurance industry challenging. As the cyber insurance sector acknowledges and acts upon the potential crisis at hand, now is the time to invest in education to close the lid on the dearth of technically-trained, technology-savvy workers needed in what has historically been a fiercely conservative insurance industry.
The Lack Of Technical Talent
The cyber security industry has grown significantly in recent years, spurred by the Coronavirus pandemic and the hurried digital transformation it triggered in our everyday lives. This has indirectly triggered greater demand for cybersecurity professionals, who can manage the rise of ransomware, cybercrime, and data breaches, together with a growing body of Data Protection Regulations, the emergence of disruptive technologies, and the increasing sophistication of cyber threats. Additionally, as a result of the substantial expenses associated with cyber risk (the cost of a single data breach reached a record-breaking $4.24 million in 2021), demand for cyber insurance policies, and with it, therefore, demand for cyber insurance professionals, has sky-rocketed.
And yet, the cyber security industry is facing a severe talent crunch. In 2021 the world’s open cybersecurity positions were enough to fill 50 NFL stadiums. Around 465,000 cybersecurity jobs were yet to be filled in the US in 2021 (although this figure was set to decrease minimally in 2022); 1.5 million cybersecurity job vacancies are expected in India by 2025. Moreover, global talent shortages have been ranked as the ninth biggest business risk of 2022 (up from thirteenth place last year), having reached the highest levels ever seen over the past 15 years in 2021. The problem is set to worsen: by 2030, it is estimated that the global talent shortage will total more than 85 million people.
The impact of the cyber security talent shortage is far-reaching. In turn, the cyber insurance industry has a scant choice of cyber-aware talent to recruit. It is these types of knowledge-intensive industries that will experience a significant imbalance between supply and demand for skilled professionals.
The Lack of Insurance Professionals
The impact of the cyber security talent shortage on the cyber insurance industry is compounded by a dwindling supply of insurance professionals overall. The pandemic was incredibly damaging to the global labor market, exacerbating ongoing problems with the aging workforce, and bolstering the demands of a millennial generation of employees who search for work-life balance and flexibility and will not be afraid to walk away from a job if they do not find it.
Statistics from the US show that nearly 400,000 employees are expected to retire from the insurance industry workforce within the next few years, but eight out of 10 millennials are apathetic towards employment in the insurance industry. In fact, 44% of millennials do not find a career in insurance interesting, despite the wide variety of roles that the industry has to offer. Some micro-segments within the insurance sector, namely those involving innovation and technology, would assumably hold particular appeal to a younger population but a lack of awareness of emerging insurance products is likely to limit their interest in the sector as a whole.
In addition, the millennial generation will have less exposure to insurance by virtue of the market conditions they face: worse off than their parents, coping with levels of debt not seen before, and living in an era where the cost of living is rising exponentially, millennials are less likely to experience home and car ownership, and therefore are less likely to purchase insurance to protect them. As a result, rather than simply lacking interest in the insurance industry, many of this generation will simply lack the knowledge and understanding of the increasing focus on emerging technologies or their related risks in the insurance industry.
With a smaller pool of talent (both cyber and insurance) to draw from, cyber insurance recruiters now find themselves between a rock and a hard place, rarely able to recruit cyber insurance professionals who can hit the ground running with the requisite niche knowledge of both insurance and cyber.
The Vital Training Required to Cure the Talent Shortage
Therefore, the main crux of the cyber insurance talent shortage lies, not merely in a lack of interest, but rather, in the lack of cyber security knowledge and technical skills necessary to succeed in such a fast-paced industry.
The solution, therefore, can be found in intensive training and incisive, role-orientated, and practical professional development. Cyber security degree programs, which typically last between three to four years, can serve only as a long-term solution to what is a critical problem that urgently needs to be met now. On the other hand, short courses and continuing education programs focused on cyber insurance can more specifically address the severity of the talent drought in the nearer future.
One advantage of investing in employee education is its appeal to the younger, incoming generation of cyber insurance professionals. Growth and professional development are of principal value for the millennial generation; this demographic looks for extensive learning and development opportunities and mentorship from their direct managers. Some insurance companies, such as Hiscox and Zurich, have tapped into these generational values and the solution that education can provide by running graduate training programs on cyber insurance. At a time when competition in recruitment is fierce, these businesses have increasingly turned to fresh graduates and on-the-job training to fill positions.
However, overall, the industry is not yet doing enough to attract, develop and retain young talent for cyber insurance roles. Better examples of cyber security training programs can be found at Microsoft, which recently began working with US colleges to place 250,000 students into the cyber security workforce by 2025. IBM has recently announced that it expects to train 150,000 people in cybersecurity skills before 2025.
It should be noted, however, that such training opportunities benefit generations other than just millennials – the aforementioned programs and educational courses merely illustrate some solutions to the aging insurance workforce. Such training is both suitable and indeed recommended for all ages in the cyber insurance workforce.
The cybersecurity insurance workforce shortage will not magically disappear on its own but there is a solution to limit its impact on the sector’s sky-rocketing growth. Short, industry-focused courses can bring capable learners up to speed, bringing around a fast return on investment for the businesses they work for. The Cyber Insurance Academy’s educational program is accredited by the Chartered Insurance Institute (CII) – a mark of distinction awarded only to programs that meet rigorous criteria, namely, clear value-added, high standards of academic quality, and the delivery of tangible professional development.
Our courses are designed by cyber insurance professionals, for insurance professionals. For more information, please visit this page.