Charting A Course To Address The Cyber Skills Shortage

CEO of the UK Cyber Security Council, Professor Simon Hepburn, discusses standardising cyber security professional titles and what this means for attracting talent, streamlining recruitment, and tackling the cyber skills gap

Though the cyber security industry is still maturing, bringing the sector in line with other chartered industries, such as surveying and accountancy, has been needed for some time. 

With the UK’s cyber sector facing a workforce gap of over 14,100 people, it’s clear that action needs to be taken if we are to fulfil the government’s vision of making the UK to safest place to live and work online.

Helping the government achieve this aim – and in the process creating a more diverse sector with clear career pathways and universally recognised professional titles which map to specific skill sets – is the Council’s raison d’etre.

As we work towards achieving this mission, introducing our chartered professional standard to the sector has been a key focus. It’s a task which sits at the heart of creating the world class cyber security sector we want to see here in the UK.

Piloting The Journey To Cyber Security Excellence

When it comes to certifications and accreditations, the cyber security sector could best be described as a maze. There are a vast number of accreditations and certifications available, from a large number of course providers and awarding bodies. 

Consistency from one course to another is not always easy to find. For many organisations and businesses – especially those from outside the sector – this can make effective recruitment challenging. The Council is therefore seeking to redress this by introducing a new chartered professional standard for the sector, with universally recognised professional titles which correspond to specific skills sets.

Cyber practitioners can apply for one of three professional titles ranging from Associate to Principal and Chartered. These titles correspond with the depth of experience and expertise of the individual, demonstrated through written evidence and interview.

From an industry perspective these titles create a universally recognised standard, which will provide certainty around the skills and competencies associated with each level of professional title. 

Having a professional title recognised by the UK Cyber Security Council will help cyber practitioners evidence their knowledge and skills to employers, clients and the public. And more widely, it will also help create a pool of respected cyber security specialists.As the only organisation able to charter cyber security professionals as individuals, we are working with our partners to pilot the 16 cyber specialisms  across the sector.  

Pilot schemes for some specialisms have already been launched and we will be bringing forward new schemes in the coming months. 

By doing so, we are committed to creating clear pathways for practitioners to hone and evidence their expertise in specific disciplines within cyber.

Chartership and Recruitment

From an employer perspective, defined roles and levels of expertise, measured against an industry standard, make it easier for an organisation to identify cyber professionals who possess the requisite skill level to meet their cyber needs. When factoring recruiters into this process, the need for meaningful and reliable titles becomes even more key. It allows recruiters to be completely confident that they are putting forward candidates with adequate skills and experience for roles, ensuring they remain trusted suppliers to their clients.

All in all, the use of an industry standard and professional titles will streamline recruitment across the sector and be beneficial for cyber professionals and those in need of a cyber professional. With more than 80% of UK organisations experiencing a successful cyber attack in the past year, there is evident need for improved cyber defence across many organisations. The smoother recruitment processes for cyber practitioners can become, the quicker cyber professionals can begin to defend vulnerable businesses.

Tackling The Skills Gap

Whilst cyber security was once considered a way to future proof a business, it is now a foundational necessity. This shift has created a growing demand for cyber expertise, meaning that the current cyber skills gap is a significant issue.  According to Cybersecurity Ventures, there are 3.5 million open cyber jobs worldwide. Whilst in some instances these roles represent opportunities for upskilling and career progression, there are still entry level roles across the cyber space which need fresh new cyber professionals.

We believe setting clear benchmarks and defined career pathways for cyber professionals will help make routes into the industry clearer, as well as helping those already working in cyber to navigate their career trajectories.

The introduction of professional titles will also encourage individuals to be ambitious in their career goals, as the correlation between upskilling to gain the next level of professional title and the career opportunities which open up as a result will be much more evident. As the majority of entrants to the cyber industry currently come through career change or redirection, with just 3% via a school leaver or apprenticeship and 12% via graduate schemes, arguably there is more to be done to inspire students into the industry and present it as a viable, valuable career path. There is an education piece to perform here so that when presented with the prospect of a future in cyber, school and university leavers have a clearer understanding of what routes to entry are available and the career possibilities that could follow.

In comparison with industries such as law, medicine, accountancy or even marketing, a role in cyber can still seem like a very ‘new’ prospect. It can still carry some mystic around what is involved in the day to day, what skills are required and how to enter and progress through the industry.

Standardised professional titles will help bring cyber in line with other chartered industries and demonstrate a clear pathway into and through the industry. Resources such as our Career Framework and Career Mapping tool can also be helpful in identifying areas of interest in cyber, building on these interests and moulding them into an attractive career trajectory.

As we continue to add more specialisms to our pilot programme and partner with stakeholders across the UK to drive awareness and interest in cyber, we are building an invaluable network of talented cyber professionals. 

Continuing to do so will be crucial to addressing the cyber skills gaps and building a world leading cyber sector here in the UK.

You Might Also Read:

The Skills Gap Is Increasing Risk & Exposure To Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« Chatham House Cyber Conference  | 14 June 2023
Highly Evasive Adaptive Threats & Advanced Persistent Threats »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Academic Centres of Excellence in Cyber Security Research

Academic Centres of Excellence in Cyber Security Research

The ACE-CSRs scheme is part of the UK Government’s National Cyber Security Strategy, working with academia and industry to make the UK more resilient to cyber attacks.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

miniOrange

miniOrange

miniOrange is a cloud and on-premise based identity and access management (IAM) solution provider.

Statice

Statice

Statice develops state-of-the-art data privacy technology that helps companies double-down on data-driven innovation while safeguarding the privacy of individuals.

CyCraft Technology Corp

CyCraft Technology Corp

CyCraft is an AI company that forges the future of cybersecurity resilience through autonomous systems and human-AI collaboration.

Y-PARC

Y-PARC

Y-PARC is a center of excellence for cybersecurity, precision industries and medtech, fostering innovation and development and support for startups.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

Advantex Network Solutions

Advantex Network Solutions

Advantex Network Solutions are a leading provider in Mitel, IT Solutions, Networking, and iP surveillance.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

View

View

View is the leader in smart building technologies including OT cybersecurity to securely connect buildings to the cloud and manage building networks and OT devices.

Techtron Business IT Services

Techtron Business IT Services

TECHTRON has been providing business IT services since 2004. Our focus is on SMBs and we are good at it. Our customers trust us, they love our high levels of service, and they love what we stand for.

Lintu Solutions

Lintu Solutions

Lintu Solutions is a trusted provider of comprehensive cybersecurity and enterprise risk management solutions.

CSIRT-Gnd

CSIRT-Gnd

CSIRT-Gnd provides 24x7 Computer Security Incident Response Services to citizens, companies and government agencies in Grenada.

Black Duck Software

Black Duck Software

Black Duck (formerly the Synopsys Software Integrity Group) is the market leader in application security testing (AST).

Digital Technologies Group (DTG)

Digital Technologies Group (DTG)

DTG are a digital transformation company helping process organisations embrace smarter manufacturing through the adoption of industry 4.0 technologies and solutions.