A significant pay gap between private sector and UK government cybersecurity roles is jeopardising national security by hindering the public sector’s ability to attract and retain top talent, cyber security company Naoris Protocol warns.
Its analysis shows pay for key roles in cyber security can be nearly double in the private sector compared to the public sector and warns pay has to increase to help government combat the development of artificial intelligence, quantum computing, and metaverse, which is massively increasing cyber threats.
Data shows mid-level roles in the private sector such as cyber security analysts and penetration testers in London offer between GBP50,000 and GBP70,000 annually. Senior positions, including security managers and cyber security architects, see salaries ranging from GBP80,000 to over GBP120,000.
In the public sector a recent posting for a cyber security adviser at the Ministry of Defence listed a salary of GBP36,530 per year. More senior roles, such as the head of cyber governance, risk, and compliance, are advertised with salaries starting at GBP67,820, the analysis by Naoris Protocol found.
The Naoris Protocol study indicates the pay gap has serious consequences. It cites a recent report by Spotlight on Corruption, which found the National Crime Agency is struggling to recruit and retain staff, with jobs in cybercrime units being left vacant. The report blames the loss of staff on low pay and poor morale, noting that NCA employees earn less than their counterparts in both the police force and private sector.
A report from government spending watchdog the National Audit Office says independent assessments of 58 government IT systems show “significant gaps” in cyber resilience and that the government does not know how vulnerable at least 228 legacy IT systems are to cyber attack. It warns that one in three cyber security roles were vacant or filled by temporary staff in 2023/24.
“The risks to UK national security from cyber crime are real, and the potential costs and damage to critical national infrastructure are staggering,” says Naoris Protocol CEO David Carvalho.
“It is vital that the government can attract top talent for key cyber security roles and worrying that so many roles are left vacant. It is, however, not that surprising when skilled people can earn so much more in the private sector,” he added. “The UK Government needs to address the pay gap in order to safeguard the country’s digital infrastructure and competitive pay is essential to attract and retain the skilled people needed to combat evolving cyber threats.”
