UK's persisting deficiency in cyber experts poses a threat to the nation's security
Recent cyber-attacks on M&S and Co-op have highlighted the growing threat to UK citizens and businesses, underscoring the need for improved cybersecurity training. A researcher at De Montfort University, Dr. Ismini Vasileiou, has written a paper for the All-Party Parliamentary Group (APPG) on Cyber Innovation to address the country's long-running skills gap.
Dr. Vasileiou's paper outlines five key steps to improve cybersecurity training and secure skills for decades to come.
1. Establish a Cyber Skills Taxonomy
The paper calls for the Department for Science, Innovation and Technology (DSIT) to set up a taskforce that will create a cyber skills taxonomy. This taxonomy will define roles, career pathways, and skill levels, ensuring clarity on what training is needed and what jobs it will lead to.
2. Set Up a National Delivery Body
A national delivery body should be established to govern the proposed taxonomy. This will help standardize cybersecurity skills across the UK, making training more effective.
3. Implement Employer Incentives
The report suggests providing incentives such as grants or best-practice endorsements to encourage employers to adopt standardized security recruitment practices. This will help shift recruitment away from outdated methods like relying solely on certifications, towards more inclusive role definitions.
4. Strengthen Educational Programs
While not explicitly detailed in the provided information, strengthening educational programs is likely a crucial step. Enhancing educational institutions' ability to provide relevant cybersecurity training is essential to equipping students with the necessary skills.
5. Encourage Industry Partnerships
Fostering collaborations between academia and industry to ensure practical training and job placements is also likely to be a key step. This will help bridge the gap between theoretical knowledge and real-world applications.
6. Promote Lifelong Learning
Promoting continuous education and training in cybersecurity is crucial. This ensures professionals stay updated with the latest threats and technologies, which is essential for addressing the evolving cybersecurity landscape.
The UK's chronic shortage of cyber professionals is a critical situation, particularly for Small and Medium Enterprises (SMEs). Dr. Vasileiou warns about the risks posed by a shortage of security professionals. The paper argues that we won't secure a 21st Century digital economy with a 20th Century skills pipeline.
The report advises shifting recruitment away from outdated proxies (e.g. certifications alone) towards clear, inclusive role definitions. Fortinet's report suggests that as many as 80% of data breaches are caused by lackluster capabilities in cybersecurity. The UK is at risk of cyber attacks due to a shortage of cybersecurity specialists.
Moreover, learning AI fundamentals is crucial but insufficient; it emphasizes the need for interdisciplinary thinking in cybersecurity. The paper does not mention anything about following a platform on Google News or any related ITPRO articles.
- To address the UK's cybersecurity skills gap, Dr. Vasileiou's paper recommends establishing a Cyber Skills Taxonomy, defined by the Department for Science, Innovation and Technology (DSIT), to clarify roles, career paths, and skill levels.
- To ensure standardized cybersecurity skills across the UK, the paper suggests setting up a national delivery body to govern this proposed taxonomy.
- In an effort to encourage employers to adopt standardized security recruitment practices, the report advises offering incentives like grants or best-practice endorsements. This would help shift recruitment away from relying solely on certifications.
