Now business owners have another cyber concern to contend with: Brexit.
Amid all the political uncertainty, it’s hard to know what the impacts will be. When it comes to cyber security, the potential results? Changes in regulation and legislation, and a more complex recruitment landscape.
More uncertainty
First, the UK has always been a vital part of EU cyber security strategy. WannaCry (2017), affected more than 230,000 systems across the world. And the UK was instrumental in supporting investigations and enabling action.
UK businesses also benefit from collaboration via ENISA (the European Union Agency for Cybersecurity) and, more recently, the EU Cybersecurity Act. Establishing cyber security standards and robust defence frameworks protects all member states against growing cyber-threats.
After 31 October, the country might instead need to start relying on the UK’s own standards. That could mean different rules around the ways businesses keep and protect data.
What’s not going to happen
To the relief of most businesses, GDPR will still apply post-Brexit. Although introduced by the EU, regulation will be retained in UK law as part of the EU (Withdrawal) Act 2018. The fundamental principles, obligations and rights will therefore stay the same.
It might be that nothing needs to change immediately. In that scenario, the country will have a 14-month transition period to start adjustments.
What Brexit could mean for cyber skills and recruitment
A report by the ISSA shows that 74% of organisations feel they’ve been affected by a shortage of cyber-talent. 41% of respondents said they’ve resorted to training junior employees, lacking established cybersecurity talent.
If Brexit spells the end of free movement, the cyber security talent pool could become even shallower. This will force businesses to spend more time and money on hiring.
Skills development could also take a hit, with UK cyber professionals potentially finding it difficult to access resources and training overseas, and UK universities losing the EU finding they receive at present.
While these skills gaps do exist, it could be argued that some businesses are struggling to find the right talent for other reasons: a lack of time or hiring resources, for example. However, it’s not that the talent isn’t out there; it’s knowing where to find it – but that’s another story.
Read our Cyber Talent Insights Report
If you’d like some guidance on hiring cyber talent or simply want to know how we can help your business, get in touch.