Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

Majority of U.K. Business Would Hire a Hacker to Address Cyber Security Challenges: Survey

A survey of companies in the U.K. more than half are willing to hire a hacker to help deal with a shortfall of cyber-security professionals.

A survey of companies in the U.K. more than half are willing to hire a hacker to help deal with a shortfall of cyber-security professionals.

The finding comes from a KPMG survey of 300 senior IT and HR professionals in organizations with 500 or more staffers. Some 74 percent said they are facing new challenges in cyber-security, and 70 percent admit their organization “lacks data protection and privacy expertise.” In addition, the majority said they are wary of their organization’s ability to assess incoming threats.

Even though 60 percent said they have a strategy for dealing with any skills gaps, 57 percent agree it has become more difficult to retain staff in specialized cyber skills in the past two years. In addition, 60 percent said they are worried about finding cyber experts who can effectively communicate with the corporate-side of the business and not just the IT department.

But the most interesting stat may be this – 53 percent of respondents say they would consider using a hacker to bring inside information to their security teams. Roughly the same number (52 percent) said they would also consider recruiting an expert even if they had a previous criminal record.

“The increasing awareness of the cyber threat means the majority of U.K. companies are clear on their strategy for dealing with any skills gaps,” said Serena Gonsalves-Fersch, head of KPMG’s Cyber Security Academy, in a statement. “However, they wouldn’t hire pickpockets to be security guards, so the fact that companies are considering former hackers as recruits clearly shows how desperate they are to stay ahead of the game.  With such an unwise choice on the menu, it’s encouraging to see other options on the table.”

“Rather than relying on hackers to share their secrets, or throwing money at off the shelf programs that quickly become out of date, U.K. companies need to take stock of their cyber defense capabilities and act on the gaps that are specific to their own security needs,” she added. “It is important to have the technical expertise, but it is just as important to translate that into the business environment in a language the senior management can understand and respond to.”

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

CISO Conversations

In this edition of CISO Conversations, SecurityWeek speaks to two city CISOs, from the City of Tampa, and from Tallahassee.