UK Launches Consultation To Develop Cybersecurity Profession

The Department for Digital, Culture, Media and Sport (DCMS) has launched a consultation into developing the cybersecurity profession in the UK to support the National Cyber Security Strategy (NCSS). To support this effort, it has also proposed to create a UK cybersecurity council, which would sit independently of the government. 

The NCSS sets out the government's ambition to ensure there is a sustained supply of the best possible home-grown cybersecurity talent, which is to be achieved by 2021. This consultation, which closes on August 31, is for a broad range of interested parties including cybersecurity professionals, existing cybersecurity professional organizations in the UK, students and recent graduates, academia and law enforcement communities. 

Margot James, chair of the DCMS, wrote about why an intervention was needed to support the NCSS: "The cybersecurity profession is relatively new and has developed organically over recent years. It is broad and varied; those working in the cybersecurity ecosystem are found across multiple disciplines including engineering, technology, business, social science, compliance and law, with a wide range of different competencies.

"We heard strongly during our pre-consultation engagement that to build on the good work, more needs to be done to create the environment for the cybersecurity profession in the UK to develop at the pace required," she continued. "There was a strong sense from many we engaged with that there is no generally accepted, unifying narrative of what makes a cybersecurity professional. Misconceptions and stereotypes about cybersecurity professionals remain and we heard clearly that many still consider cybersecurity to be a complex subject area and a career which lacks clear routes into and through it."

The NCSS has specified goals to reach between now and 2021. By the end of 2019, there will be an early development and alignment of a coherent set of career specialism pathways into and through the cybersecurity profession and a draft Code of Ethics will be agreed between participating cybersecurity professional organizations. 

To support this, a number of established councils, chartered professional bodies, academics and industry groups have established a collaborative alliance to advance the development of the cybersecurity profession. With an overall aim to provide clarity around the skills, competencies and career pathways within this fast-moving area of professional practice, the initial objective for The Alliance is to support commitments expressed within the UK NCSS to provide a focal point for advising national policy, including the stated intent to recognize professionals through Chartered status. 

The Alliance brings together a range of expertise and disciplines, including BCS, The Chartered Institute for IT, Chartered Institute of Personnel & Development (CIPD), CREST, The Engineering Council, IAAC, The Institution of Analysts and Programmers (IAP), The IET, (ISC)2 and techUK. Talal Rajab, head of program - cyber and national security, techUK, commented on the coming together of these bodies: "techUK is pleased to be a founding member of the Alliance and contribute to the development of the cybersecurity profession. 

"Our digital economy is underpinned by the need for cybersecurity expertise and skills across a range of disciplines. Through bringing together these professional bodies and harnessing the full range of established cybersecurity professional expertise, the Alliance will go a long way to providing a focal point for the sector on the cybersecurity skills, competencies and standards needed to ensure that the UK has the skills needed to remain resilient to the growing cyber-threat.”

This announcement from the government follows the announcement from The Joint Committee for National Security Strategy which criticized the government for not acting urgently enough on critical national infrastructure cybersecurity. Kamila Hankiewicz, managing director, Girls in Tech, also feels strongly that not enough is being done to get people, especially women, into cybersecurity roles: "The current education model is flawed and results in a low number of women applying for technology roles. This means our nation misses out a huge group of talent in positions needed for the future workforce. 

"A shortage of female talent is predominantly down to a lack of awareness of the opportunities that exist and a flawed perception that you need to be strictly technical to work in industries such as cybersecurity, automation or crypto-investing. It is our responsibility, as the future leaders of the UK, to ensure that our governments are investing in children at an early age - preventing them from developing an unconscious bias towards STEM and getting them excited about the opportunities that the future digital economy presents."

Infosecurity:

You Might Also Read:

What Does Brexit Mean For British Data Privacy?:

Are Women Better At Cyber Security?:

 

 

« Cyber Threat Warnings ‘Blinking Red’
Kremlin Hacking Crew Take A 'Roman Holiday' »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IONU Security

IONU Security

IONU offer a security platform focused specifically on providing Data-centric Security.

Zscaler

Zscaler

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

Tinfoil Security

Tinfoil Security

Tinfoil is a simple, developer friendly service that lets you scan your website for vulnerabilities and fix them quickly and easily.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Open Systems International (OSI)

Open Systems International (OSI)

Our innovative Operations Technology (OT) solutions are highly scalable and can be deployed by various utility companies to monitor, control and optimize their real-time operations.

Wireless Logic

Wireless Logic

Wireless Logic delivers a range of secure and resilient value-added M2M/IoT managed services that empower remote devices to communicate cost-effectively, two ways.

HYPR

HYPR

HYPR Decentralized Authentication minimizes the risk of enterprise data breaches while providing an enhanced user experience for your customers and employees.

Stellar Cyber

Stellar Cyber

Stellar Cyber makes Open XDR, the only comprehensive security platform providing maximum protection of applications and data wherever they reside.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

SOC Experts

SOC Experts

SOC Experts is a pioneer (we started SOC training well before people realized how big the domain was going to be) and the only institution to provide end-to-end training on Security Operations Centers

Innov8tif

Innov8tif

Innov8tif is an AI company specialised in providing ID assurance solutions — helping digital businesses to prevent frauds by verifying and authenticating customers identity.

RIoT Secure

RIoT Secure

RIoT Secure AB is a technology enabler within the IoT industry - created with a vision to ensure security technology exists in the foundations of software development for IoT solutions.

QualySec

QualySec

QualySec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services.

Kali Linux

Kali Linux

Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing.