AI AND CYBERSECURITY TALENT SHORTAGE

There is greater emphasis on cybersecurity within Financial Services than ever before. For TA leaders, the question is clear: where do you find cyber talent equipped for this level of complexity?

As AI capabilities scale, banks are exposed to new and evolving threats: malicious code, hyper-realistic phishing & social engineering, and data poisoning & model manipulation to name a few.

Most banks currently source cyber talent from competing financial institutions. This creates a recycled talent pool where salaries rise but capability doesn’t necessarily improve. As threats grow more sophisticated, this approach is proving increasingly unsustainable.

INTELLIGENCE AGENCIES: AN UNDERLEVERAGED TALENT POOL

National Security agencies represent a highly capable and underleveraged talent pool. These professionals bring experience in:

• Advanced and highly sophisticated processes
• Stress testing and governing complex models
• Operating in high-pressure, high-stakes environments
• Working with cutting-edge technologies

Beyond calibre, this government funded market can also offer a more cost-effective alternative to other financial institutions and corporations. 

ADJACENT INDUSTRIES WORTH EXPLORING

Defence, aerospace and critical infrastructure organisations employ cyber specialists who operate in comparably high-stakes threat environments to financial services, yet they are rarely targeted by financial services recruiters. This represents a significant and largely untapped pipeline of senior talent.

Wilbury Stratton has mapped senior cybersecurity professionals across three of the world's leading defence and aerospace organisations.

Northrop Grumman, a global security organisation providing full-spectrum cybersecurity solutions across aerospace and defence, yielded over 400 suitable individuals in the US alone. BAE Systems, which delivers cybersecurity services protecting national infrastructure and digital assets for government and commercial clients, had 70 suitable professionals identified in both the UK and US. Lockheed Martin, offering full-spectrum cybersecurity solutions across security and aerospace, similarly returned over 400 individuals identified in the US.

These organisations operate at the frontier of cyber threat response. The professionals within them bring a level of operational rigour that is difficult to find within financial services, and as yet remain untapped as a source of talent.

HOW WILBURY STRATTON CAN HELP   

Wilbury Stratton has already addressed this challenge. We are actively mapping and building pipelines within the intelligence agencies and have provided insight and access to this talent pool to a leading tier-one bank.

Our research for highly technical cybersecurity professionals with 20+ years of experience spanned national organisations including the NSA, with more than 225 individuals identified; the FBI, with over 150 individuals identified; the UK MoD, with more than 100 individuals identified; U.S. Cyber Command, with over 100 individuals identified, and the CIA, with over 20 individuals identified.

Many have been working for these agencies for several years and are undercompensated in comparison to professionals working in financial services. Differences in total compensation in some cases were vast, with as much as £100,000 difference in base salary alone. 

For financial services organisations serious about building genuine cybersecurity capability, the talent exists. It is just not where most banks are currently looking.

FAQs 

Why is cybersecurity talent so difficult to hire in financial services?

Most banks recruit cyber talent from competing institutions, creating a recycled pool where salaries inflate but capability doesn't improve. As AI-enabled threats grow more sophisticated, this approach is proving increasingly unsustainable.

Are intelligence agency professionals suitable for financial services cybersecurity roles?

Yes. These professionals have spent careers operating in the world's highest-stakes threat environments, bringing a level of technical rigour and operational experience that is rarely found within financial services itself.

Are intelligence agency professionals open to moving into financial services?

Many are. A significant number are undercompensated relative to their private sector counterparts — in some cases the difference in base salary alone exceeds £100,000.

How do you build a cybersecurity talent pipeline outside of financial services? 

It requires active mapping across non-traditional talent pools including intelligence agencies and defence organisations. Wilbury Stratton has already built these pipelines across the UK and US.

What are non-traditional sources of cybersecurity talent?

Intelligence agencies, defence contractors and critical infrastructure organisations are among the strongest alternatives. Organisations such as the NSA, FBI, UK Ministry of Defence, Northrop Grumman, BAE Systems and Lockheed Martin employ senior cybersecurity professionals who are rarely approached by private sector recruiters.