The Cyber Skills Gap & How We Act For The Future

Uploaded on 2024-03-15 in JOBS-Careers, FREE TO VIEW

There is a great Chinese proverb that says: “The best time to plant a tree is 20 years ago, the second-best time is now.” I love this because beautifully sums up where we are today with the cyber skills shortages we face. Go back 20 years and it was a mad rush towards digital transformation - what a good news story, better client experience delivered on a lower cost base.

Roll forward 5 years… “Oh, the online platforms we’ve created are not actually very secure, sorry about that - it seems youngsters in their bedrooms are hacking our systems for fun.” Roll on a further 5 years and we get to: “Hang on, the adversary has morphed into serious and organised crime and now we’re being extorted for millions.” 

And on and on until today… we now have a new digital revolution taking place which we have snappily called  'Industry 4.0’. This integration of intelligent digital technologies into manufacturing and industrial processes, and their speedy, often cost-driven but not security driven adoption into modern manufactured elements (cars, aeroplanes, watches, medical equipment, fridges, smart factories, intelligent cities to name a few) leaves us even more exposed to threat. 
 
In the last 20 years we as a nation have underinvested in developing cyber skills. It’s only in the last decade that higher education establishments have offered dedicated cyber security degree and master’s courses (though their relevance in modern commercial settings is up for debate). Only within the last 12 years has legislation come about to protect personal data and discover/punish those that lose or abuse it.

The result of all this is that the pressure on existing cyber capability has expanded even more, without a corresponding increase in industry-ready entry level practitioners. Companies are under huge pressure to meet demand; the fact is that they no longer want entry level capability, they want 3 - 4-year veterans. 
 
With this new Industrial Revolution (Industry 4.0) beginning to gather steam, there is a specific need to create a training ladder, to ensure practitioners are being sufficiently trained and assessed at every level of their career - which is exactly what we at The Cyber Scheme have done.

We need to cross skill and to upskill, bringing together each side of the revolution: Engineers, meet the IT crowd.

Both of course speak different languages, and have differing approaches to suit their specific areas, for example regarding health and safety. It’s one thing to electrocute yourself in an IT environment; quite another to bring down a manufacturing facility or a nuclear power plant. With the advent of IoT/OT technologies, the stakes are ever higher.
 
With training and with competence measurement we can build into the existing engineering and IT disciplines the knowledge, skills, abilities and tasks to counter the threat associated with these developments.

We have the scars and the memories of how the last 20 years have played out, and we know serious and organised crime will and does take advantage of our slowness - just look at the troubles Jaguar Land Rover and the automotive industry generally have encountered recently; that cool keyless entry isn’t so cool when a 15yr can steal your car inside 3 minutes.

The easy returns for crime gangs are just too tempting; we know we have to skill up before the bad guys do. That’s why now is the second-best time to plant that tree.

Charles White is CEO of The Cyber Scheme

You Might Also Read: 

Is Artificial Intelligence The Answer To The Cybersecurity Skills Shortage?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Insights From An Early Adopter Of Microsoft 365 Copilot
A Deep Dive Into Deepfakes & The Threat To Digital Identity Verification »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Fenror7

Fenror7

Fenror7 lowers the TTD (Time To Detection) of hackers, malwares and APTs in enterprises and organizations from 300 days on average to 24 hrs or less.

7Safe

7Safe

7Safe has been delivering hands-on digital security training courses since 2001 and offer e a portfolio of university and industry-accredited courses.

North American Electric Reliability Corporation (NERC)

North American Electric Reliability Corporation (NERC)

NERC is a not-for-profit international regulatory authority whose mission is to assure the reliability and security of the bulk power system in North America.

SolutionsPT

SolutionsPT

SolutionsPT enables customers to strengthen their Operational Technology (OT) network to meet the ever increasing demand for performance, availability, connectivity and security.

SEPPmail

SEPPmail

SEPPmail is a patented e-mail encryption solution to secure your electronic communication.

Axonius

Axonius

Axonius is the only solution that offers a unified view of all assets and their coverage, empowering customers to take action to enforce their organization’s security policies.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

Qrator Labs

Qrator Labs

Qrator Labs is a leader in DDoS attack mitigation, helping organizations protect their websites from the most harmful, sophisticated DDoS attacks.

VLATACOM Institute

VLATACOM Institute

Vlatacom Institute is privately owned accredited research and development institute, system integrator and turn-key solution provider. Areas of expertise include encryption and authentication.

1Kosmos

1Kosmos

1Kosmos provide Digital Identity and Passwordless Authentication for workforce and customers. Powered by advanced biometrics and blockchain technology.

Robo Shadow

Robo Shadow

Robo Shadow are trying to bridge the gap between the top tier organisations that can afford everything and everyone else who has to “Make it up as they go along” when it comes to Cyber.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

LaScala

LaScala

LaScala is an IT Managed Services provider delivering technical, security, and compliance solutions with dedication, compassion, and agility.

Finite State

Finite State

Finite State enables product security teams to protect the devices we rely on every day through market-leading software threat, vulnerability, and risk management.

Gilsbar

Gilsbar

For more than half a century, Gilsbar has offered insurance service solutions and support for businesses and their employees.

DuckDuckGoose

DuckDuckGoose

DuckDuckGoose offer advanced solutions to protect against manipulated videos, images, voices and texts.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.