Cyber Security Skills Are On The Limit

Uploaded on 2019-12-03 in JOBS-Training, JOBS-Careers, GOVERNMENT-National, FREE TO VIEW

The range of technical and specialist skills that are needed to ensure that the services, systems and networks are secure are in short supply. 
 
While UK has one of the most vibrant digital economies in the world, there are not enough people with the cyber security skills base to go round, with both the Government and private sector affected by the shortage in skills.
 
A new, in-depth piece of research conducted amongst UK CIOs and senior IT professionals has revealed that the cybersecurity skills gap has reached a crisis point. 
 
Cybercrime is on the rise and businesses large and small are at risk. For management, the question is not if you will be targeted, but when. British businesses are on the back foot in the ongoing war against online fraud and cybercrime and another recent industry study estimates that cyber-crimes cost UK businesses £2.3million per minute in 2018.
 
The study from digital resilience experts RedSeal, has unearths major concerns about business’ ability to develop, attract and retain new talent with the right skillset to stand up against an ever growing threat landscape. Generation Z are growing up as digital natives, with new options for coding classes from a young age. Universities need to follow this through and place an emphasis on up-skilling the next generation.
 
RedSeal say that as many as 87% of CIOs and senior IT pros reported that they are struggling to find cybersecurity pros with the expertise needed to combat serious and organised online crime.
 
Almost three quarters (73%) went on to say that uncertainty around Brexit is a huge  concern when it comes to hiring security professionals from outside the UK.
 
The participants believe that this widening gap has the potential to cause irreparable damage to the UK businesses and RedSeal is urging the UK government to create a more robust education policy that will deliver the skills needed in the future. 
"Across the industry, we have drained the talent pool for security professionals," said Mike Lloyd, CTO at RedSeal. "There's a global shortage of about 4 million cybersecurity pros, up from just over 3 million, last year." 
 
An overwhelming 95% said that Brexit will widen the current skills gap, since many IT security professionals currently within British business are from outside the UK, mostly due to the lack of advanced cybersecurity education provided locally. 
There’s nowhere near enough homegrown talent, with the top experts coming from Europe and Israel, where individuals are still being conscripted to cope with cyber warfare!
 
It has been just over a year since Parliament’s Joint Committee on the National Security Strategy published a report exposing the UK’s chronic lack of digital skills, even within some of its own security agencies. The report revealed that ‘although the UK has one of the most vibrant digital economies in the world, there is not currently the cyber security skills base to match, with both the Government and private sector affected by the shortage in skills.’ 
 
At the time, authors of the report, titled Cyber Security Skills and the UK’s Critical National Infrastructure, voiced huge concerns around the Government’s lack of urgency in addressing the cybersecurity skills gap in relation to Critical National Infrastructure, yet still, nothing has been done to address this.
 
Cybercrime's  impact on UK business continues to grow. In fact, a staggering 81% report that they have suffered a cybersecurity breach in the last 12 months. 
 
The lack of skills has also contributed to a lack of proper response planning and almost half (40%) of senior IT pros state that their business doesn’t even have a plan in place to respond to a security breach. The UK's education system can help, but not quickly as professionals agree that it takes about 10 years of real-world experience to develop the skills needed to combat today's threats, so we're facing a sustained drought for talent.  
 
In 2018, UK Parliament's Report (Cyber Security Skills and the UK’s Critical National Infrastructure) revealed that "although the UK has one of the most vibrant digital economies in the world, there is not currently the cyber security skills base to match, with both the government and private sector affected by the shortage in skills". 
 
The Government must work in close partnership with industry, as well as with academia, to put in place a range of measures to meet short-term demand and develop a pipeline of specialists in the longer term. 
 
The Report identified several key measures that form part of the solution, including:
  • Using education, both inside and outside the classroom, to create a strong foundation for the future skills base. Despite a promising array of Government initiatives in this regard, the scale of these efforts does not yet match the scale of demand;
  • Industry being more creative in terms of how it recruits and reskills employees, albeit with Government support, given the importance of CNI to national security;
  • Professionalising the relatively immature cyber security industry, through achieving Royal Chartered status, which would also go some way towards raising the industry’s profile and making it a more attractive career option to more people. However, care must be taken that professionalisation does not inadvertently lead to exclusion; 
  • Identifying not only a lead Department (which is the Department for Digital, Culture, Media and Skills), but robust mechanisms for cross-government coordination and cooperation, clear lines of accountability, and a Minister with clear lead responsibility for the development of cyber security skills.
 
Parliament:         RedSeal:           NetImperative:      ITPro
 
You Might Also Read:
 
Closing The Skills Gap Starts At School:
 
UK Workforce Lacks Basic Cyber Training:
 
 
 
« Police Launch Global Attack On Islamic State
Easy Cyber Knowledge Chapter 6: Future Cyber Predictions »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Coalfire

Coalfire

Coalfire specialises in cyber risk management and compliance. Our services span the cybersecurity lifecycle from advisory and compliance, to testing and engineering, monitoring and optimization.

Entreda

Entreda

Entreda offers a unified platform to automate cybersecurity and compliance policy enforcement for your devices, users, networks, applications.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

Kinnami Software

Kinnami Software

Kinnami is a data security company that equips organizations with the tools they need to secure and protect highly confidential documents and data.

VikingCloud

VikingCloud

VikingCloud (formerly Sysnet Global Solutions) offers organizations an integrated cybersecurity and compliance solution to make informed, predictive, and cost-effective risk mitigation and prevention

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

Eunetic

Eunetic

Eunetic IT security solutions - we secure your websites, emails, domains and data.

Orpheus Cyber

Orpheus Cyber

Orpheus Cyber provides predictive and actionable intelligence to our clients - enabling them to anticipate, prepare for and respond to the cyber threats they face.

BitLyft

BitLyft

BitLyft is a managed detection and response provider that is dedicated to delivering unparalleled protection from cyber attacks for organizations of all sizes.

ECIT

ECIT

ECIT is your preferred provider of finance and IT services. We believe in the value of combining financial and IT services to streamline and improve the operation of your business.

Rootly

Rootly

Rootly is an incident management platform on Slack that helps automate manual admin work during incidents.

Brunswick Group

Brunswick Group

Brunswick is a critical issues firm. We advise the world’s leading companies on how to navigate the critical issues they face and engage with their critical stakeholders.

Daylight Security

Daylight Security

Daylight Security is the leading provider of Managed Agentic Security Services, offering tailored MDR solutions that are delivered by Agentic AI and backed by elite human experts.