By Alicja Malok, senior director, technology recruitment at Hays Poland
Hays pole

 

Many organisations are currently dealing with the challenge of digitalisation, which involves integrating digital technologies, implementing new business models, automating processes, and utilising data analytics. Benefits include increased business efficiency, improved service quality, and the development of new business opportunities. However, digitalisation also introduces new risks, risks that can be mitigated through appropriate IT security procedures and expertise. The demand for talent in this field is expanding, resulting in recruitment challenges.

While digitalisation brings numerous advantages, it also presents risks. As digital transformation progresses, businesses become increasingly vulnerable to various cyber-attacks that can disrupt their operations. This growing dependence on technology can create significant problems for organisations in case of an attack. Recognising this, executives prioritise IT security in the digitalisation process.

Security first

Cybersecurity plays a critical role in protecting data, systems, and infrastructure from various threats. With the increasing collection and processing of data in the cloud, including sensitive personal and business information, it’s vital to prevent unauthorised access and loss. Additionally, many industries are subject to strict data protection and privacy regulations, and cybersecurity processes help companies comply with these requirements and avoid penalties.

As digital tools become more prevalent in business and daily work, cyber-attacks such as phishing, malware, ransomware, and DDoS continue to evolve. Cybersecurity is essential for identifying threats, responding to incidents, and minimising their impact to ensure business continuity, build customer trust, and maintain a good reputation.

Growing demand for talent

The demand for qualified cybersecurity professionals is increasing rapidly as the number of cyber-attacks grows. However, the supply of candidates for these positions has not kept pace with market needs. A career in cybersecurity typically requires relevant education, certifications, and practical experience, such as obtaining a degree in computer science, computer engineering, or cybersecurity, and obtaining certifications like Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and CompTIA Security+2.

For those aiming for advanced and expert roles, practical experience, participation in seminars and conferences, or membership in organisations such as ISC or ISCA is crucial. Since cybersecurity is a rapidly evolving field, staying up to date with the latest trends and regularly attending training courses can help professionals keep their knowledge up to date.

Additionally, cybersecurity professionals must have a wide range of technical skills, including familiarity with operating systems and networks to identify and neutralise threats. They should also be able to analyse and interpret data to predict and prevent attacks, as well as ensure that software is free of vulnerabilities that could be exploited by cybercriminals.

Moreover, professionals specialising in cybersecurity need to be familiar with various tools to protect systems and data from threats. These tools include firewalls such as Fortinet FortiGate or Cisco ASA, antivirus and antimalware programs, intrusion detection and prevention systems (IDS/IPS), and security information and event management (SIEM) systems.

The labour market is favourable to candidates

Many prerequisites are required to enter the profession, and the entry barrier is high – even from the perspective of those working in IT. This is because cybersecurity requires specialised knowledge and skills that are not easy to acquire, and the education and certification process is time-consuming and expensive. This can discourage potential candidates.

Currently, there are around 10,000 cybersecurity specialists in Poland. However, despite this number, there is still a significant shortage of experts in this field. The demand for cybersecurity specialists exceeds supply, so many employers are struggling to find qualified candidates. This results in a strong negotiating position for candidates, who, in addition to high salaries, pay a lot of attention to attractive working conditions. To attract and retain the best professionals, organisations often have to agree to their expectations.

Salaries for cybersecurity specialists in Poland are currently competitive and vary depending on experience and position. For those in the role of junior cybersecurity specialist, the average monthly salary is between 12,000 and 18,000 złotys gross, while for the medium/regular, level it ranges between 18,000 and 25,000 złotys. Senior cybersecurity specialists, on the other hand, most often earn between 25,000 and 36,000 złotys gross per month. B2B contractors in cybersecurity positions can expect hourly rates ranging from 185 to 250 złotys.

In Poland, the number of cybersecurity talent is expected to grow

Currently, many employers in Poland are facing challenges in finding qualified specialists, especially in fields like cloud security, network protection, and software architecture design. Sophos estimates that almost one in three Polish organisations don’t have the resources to hire additional cybersecurity specialists, and 17% have difficulty filling these positions. Additionally, Hays’ Global Cyber Security Report 2024 states that 62% of cybersecurity leaders admit their companies lack cybersecurity-focused talent development programs. This has led to IT security teams being overwhelmed with alerts and incidents, posing a risk to the business.

In Poland, the area of cybersecurity is relatively new and the population of potential candidates is much smaller than that of programmers. However, the Polish market is an attractive investment destination on the map of Europe and the world in terms of the overall availability of IT talent. New investments – including those related to IT security – are steadily flowing into Poland, which will ensure that the number of IT employees specialising in cybersecurity will increase over time. To respond to changing skill demands, employers will not only need to invest in training and re-skilling programmes but also more widely integrate women into the profession, who, according to the Global Information Security Workforce, make up only 11% of the cybersecurity workforce.

As technology advances and cyberattacks evolve, investing in upskilling and training for employees becomes crucial for organisations to ensure security in the digital world. To effectively operate in the digital world, businesses need to invest in specialised staff or cybersecurity services.