Charting A Course To Address The Cyber Skills Shortage

Uploaded on 2023-04-27 in JOBS-Training, FREE TO VIEW

CEO of the UK Cyber Security Council, Professor Simon Hepburn, discusses standardising cyber security professional titles and what this means for attracting talent, streamlining recruitment, and tackling the cyber skills gap

Though the cyber security industry is still maturing, bringing the sector in line with other chartered industries, such as surveying and accountancy, has been needed for some time. 

With the UK’s cyber sector facing a workforce gap of over 14,100 people, it’s clear that action needs to be taken if we are to fulfil the government’s vision of making the UK to safest place to live and work online.

Helping the government achieve this aim – and in the process creating a more diverse sector with clear career pathways and universally recognised professional titles which map to specific skill sets – is the Council’s raison d’etre.

As we work towards achieving this mission, introducing our chartered professional standard to the sector has been a key focus. It’s a task which sits at the heart of creating the world class cyber security sector we want to see here in the UK.

Piloting The Journey To Cyber Security Excellence

When it comes to certifications and accreditations, the cyber security sector could best be described as a maze. There are a vast number of accreditations and certifications available, from a large number of course providers and awarding bodies. 

Consistency from one course to another is not always easy to find. For many organisations and businesses – especially those from outside the sector – this can make effective recruitment challenging. The Council is therefore seeking to redress this by introducing a new chartered professional standard for the sector, with universally recognised professional titles which correspond to specific skills sets.

Cyber practitioners can apply for one of three professional titles ranging from Associate to Principal and Chartered. These titles correspond with the depth of experience and expertise of the individual, demonstrated through written evidence and interview.

From an industry perspective these titles create a universally recognised standard, which will provide certainty around the skills and competencies associated with each level of professional title. 

Having a professional title recognised by the UK Cyber Security Council will help cyber practitioners evidence their knowledge and skills to employers, clients and the public. And more widely, it will also help create a pool of respected cyber security specialists.As the only organisation able to charter cyber security professionals as individuals, we are working with our partners to pilot the 16 cyber specialisms  across the sector.  

Pilot schemes for some specialisms have already been launched and we will be bringing forward new schemes in the coming months. 

By doing so, we are committed to creating clear pathways for practitioners to hone and evidence their expertise in specific disciplines within cyber.

Chartership and Recruitment

From an employer perspective, defined roles and levels of expertise, measured against an industry standard, make it easier for an organisation to identify cyber professionals who possess the requisite skill level to meet their cyber needs. When factoring recruiters into this process, the need for meaningful and reliable titles becomes even more key. It allows recruiters to be completely confident that they are putting forward candidates with adequate skills and experience for roles, ensuring they remain trusted suppliers to their clients.

All in all, the use of an industry standard and professional titles will streamline recruitment across the sector and be beneficial for cyber professionals and those in need of a cyber professional. With more than 80% of UK organisations experiencing a successful cyber attack in the past year, there is evident need for improved cyber defence across many organisations. The smoother recruitment processes for cyber practitioners can become, the quicker cyber professionals can begin to defend vulnerable businesses.

Tackling The Skills Gap

Whilst cyber security was once considered a way to future proof a business, it is now a foundational necessity. This shift has created a growing demand for cyber expertise, meaning that the current cyber skills gap is a significant issue.  According to Cybersecurity Ventures, there are 3.5 million open cyber jobs worldwide. Whilst in some instances these roles represent opportunities for upskilling and career progression, there are still entry level roles across the cyber space which need fresh new cyber professionals.

We believe setting clear benchmarks and defined career pathways for cyber professionals will help make routes into the industry clearer, as well as helping those already working in cyber to navigate their career trajectories.

The introduction of professional titles will also encourage individuals to be ambitious in their career goals, as the correlation between upskilling to gain the next level of professional title and the career opportunities which open up as a result will be much more evident. As the majority of entrants to the cyber industry currently come through career change or redirection, with just 3% via a school leaver or apprenticeship and 12% via graduate schemes, arguably there is more to be done to inspire students into the industry and present it as a viable, valuable career path. There is an education piece to perform here so that when presented with the prospect of a future in cyber, school and university leavers have a clearer understanding of what routes to entry are available and the career possibilities that could follow.

In comparison with industries such as law, medicine, accountancy or even marketing, a role in cyber can still seem like a very ‘new’ prospect. It can still carry some mystic around what is involved in the day to day, what skills are required and how to enter and progress through the industry.

Standardised professional titles will help bring cyber in line with other chartered industries and demonstrate a clear pathway into and through the industry. Resources such as our Career Framework and Career Mapping tool can also be helpful in identifying areas of interest in cyber, building on these interests and moulding them into an attractive career trajectory.

As we continue to add more specialisms to our pilot programme and partner with stakeholders across the UK to drive awareness and interest in cyber, we are building an invaluable network of talented cyber professionals. 

Continuing to do so will be crucial to addressing the cyber skills gaps and building a world leading cyber sector here in the UK.

You Might Also Read:

The Skills Gap Is Increasing Risk & Exposure To Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« Chatham House Cyber Conference  | 14 June 2023
Highly Evasive Adaptive Threats & Advanced Persistent Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

XBOSoft

XBOSoft

XBOSoft is a software QA and testing company. We cover the entire QA and testing life cycle including software and application security.

ControlCase

ControlCase

ControlCase provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

Picus Security

Picus Security

Huge gaps often exists between the "perceived"​ and "actual"​ IT security level of an organization. Picus Security continuously assesses security controls and reveals deficient ones before hackers do.

Ledger

Ledger

Ledger is a leader in security and infrastructure solutions for cryptocurrencies and blockchain applications using its proprietary technology.

NinjaJobs

NinjaJobs

NinjaJobs is a community-run job platform developed by information security professionals. We focusing strictly on cybersecurity positions.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

Envelop Risk

Envelop Risk

Envelop Risk is a global specialty cyber insurance firm, combining decades of insurance industry expertise with sophisticated cyber and artificial intelligence-based analytics.

CyberClan

CyberClan

CyberClan’s carefully selected team of experts is capable of solving complex cyber security challenges – keeping your data secure and your businesses running as usual.

CybX Security LLC

CybX Security LLC

CybX is the first company of its kind to merge the practice of computer forensics with computer security and information security.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

3B Data Security

3B Data Security

3B Data Security offer a range of Penetration Testing, Digital Forensics, Incident Response and Data Breach Management Services.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

Devolutions

Devolutions

Devolutions make best-in-class Privileged Access Management, Password Management, and Remote Connection Management solutions available to ALL organizations — including SMBs.

ThreatNix

ThreatNix

ThreatNix is a tight knit group of experienced security professionals who are committed to providing competent cybersecurity solutions that adhere to international standards.

NetHope

NetHope

NetHope is a membership-based organization serving the international nonprofit humanitarian, development, and conservation sector through digital transformation.