The Cyber Skills Gap & How We Act For The Future

There is a great Chinese proverb that says: “The best time to plant a tree is 20 years ago, the second-best time is now.” I love this because beautifully sums up where we are today with the cyber skills shortages we face. Go back 20 years and it was a mad rush towards digital transformation - what a good news story, better client experience delivered on a lower cost base.

Roll forward 5 years… “Oh, the online platforms we’ve created are not actually very secure, sorry about that - it seems youngsters in their bedrooms are hacking our systems for fun.” Roll on a further 5 years and we get to: “Hang on, the adversary has morphed into serious and organised crime and now we’re being extorted for millions.” 

And on and on until today… we now have a new digital revolution taking place which we have snappily called  'Industry 4.0’. This integration of intelligent digital technologies into manufacturing and industrial processes, and their speedy, often cost-driven but not security driven adoption into modern manufactured elements (cars, aeroplanes, watches, medical equipment, fridges, smart factories, intelligent cities to name a few) leaves us even more exposed to threat. 
 
In the last 20 years we as a nation have underinvested in developing cyber skills. It’s only in the last decade that higher education establishments have offered dedicated cyber security degree and master’s courses (though their relevance in modern commercial settings is up for debate). Only within the last 12 years has legislation come about to protect personal data and discover/punish those that lose or abuse it.

The result of all this is that the pressure on existing cyber capability has expanded even more, without a corresponding increase in industry-ready entry level practitioners. Companies are under huge pressure to meet demand; the fact is that they no longer want entry level capability, they want 3 - 4-year veterans. 
 
With this new Industrial Revolution (Industry 4.0) beginning to gather steam, there is a specific need to create a training ladder, to ensure practitioners are being sufficiently trained and assessed at every level of their career - which is exactly what we at The Cyber Scheme have done.

We need to cross skill and to upskill, bringing together each side of the revolution: Engineers, meet the IT crowd.

Both of course speak different languages, and have differing approaches to suit their specific areas, for example regarding health and safety. It’s one thing to electrocute yourself in an IT environment; quite another to bring down a manufacturing facility or a nuclear power plant. With the advent of IoT/OT technologies, the stakes are ever higher.
 
With training and with competence measurement we can build into the existing engineering and IT disciplines the knowledge, skills, abilities and tasks to counter the threat associated with these developments.

We have the scars and the memories of how the last 20 years have played out, and we know serious and organised crime will and does take advantage of our slowness - just look at the troubles Jaguar Land Rover and the automotive industry generally have encountered recently; that cool keyless entry isn’t so cool when a 15yr can steal your car inside 3 minutes.

The easy returns for crime gangs are just too tempting; we know we have to skill up before the bad guys do. That’s why now is the second-best time to plant that tree.

Charles White is CEO of The Cyber Scheme

You Might Also Read: 

Is Artificial Intelligence The Answer To The Cybersecurity Skills Shortage?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Insights From An Early Adopter Of Microsoft 365 Copilot
A Deep Dive Into Deepfakes & The Threat To Digital Identity Verification »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TitanFile

TitanFile

TitanFile is an award-winning, easy and secure way for professionals to communicate without having to worry about security and privacy.

Intland Software

Intland Software

Intland offer an integrated Application Lifecycle Management platform that offers all-round Requirements, Development, and Testing & Quality Assurance functionality.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Gatewatcher

Gatewatcher

Gatewatcher is a digital breach detection platform targeting crafted attacks and protecting organizations against advanced cyber threats.

Prove & Run

Prove & Run

Prove & Run provides a patented software development toolchain that is specifically forged to deal with the complex security properties of sensitive software components.

Windscribe

Windscribe

Windscribe is a Virtual Private Network services provider offering secure encrypted access to the internet.

Cycura

Cycura

Cycura provide advanced, customized, and confidential cyber security services, cyber investigation services, and digital forensic services to governments, companies, and organizations.

Center for Analysis & Investigation of Cyber-Attacks (CAICA)

Center for Analysis & Investigation of Cyber-Attacks (CAICA)

The Center for Analysis & Investigation of Cyber-Attacks is one of the leading Kazakhstan organisations in the field of information and computer security.

Intertrust Technologies

Intertrust Technologies

Intertrust Technologies is a software company specializing in trusted computing products and services.

Renesas Electronics

Renesas Electronics

Renesas Electronics delivers trusted embedded design innovation with solutions that enable billions of connected, intelligent devices to enhance the way people work and live - securely and safely.

Global Lifecycle Solutions EMEA (Global EMEA)

Global Lifecycle Solutions EMEA (Global EMEA)

Global EMEA provides full lifecycle services to corporate Clients covering procurement, configuration, support, maintenance and end-of-life asset management.

Splone

Splone

Splone is a Berlin-based IT security research team and consultancy. We help improve IT-security by offering red team assements, penetration tests, audits and customized consulting.

RapidScale

RapidScale

RapidScale’s managed cloud solutions provide reliable, innovative, and secure services, all complete with white-glove service and full management options.

TekSynap

TekSynap

TekSynap is a full spectrum Information Technology services provider to federal government agencies.

Cypfer

Cypfer

CYPFER is a global market leader in ransomware post-breach remediation and cyber-attack first response.

Proaxiom

Proaxiom

Proaxiom are focused on erasing cyber driven panic paralysis for Small and Medium Enterprises through brilliant cyber technologies which drive productivity and support growth.