Cybersecurity Skills Shortage & the UK
The cybersecurity skills shortage is a big problem. It was predicted as a key forecast for 2017 and has been a growing concern within the cybersecurity sector for some time. 45% of organisations now identify that they have a shortage of cybersecurity skills, versus 28% only two years prior. In addition, by 2019 it’s anticipated there will be a global shortage of two million professionals within the cybersecurity space. With the number of high-profile hacks, data breaches and cases of leaked sensitive information increasing in volume and severity worldwide, it is now more imperative than ever for organisations to ensure they are adequately protected against cyber threats.
What steps are being taken within the UK to tackle this issue?
None traditional hiring practices
With such a limited talent pool to choose from, organisations in the UK are now ‘thinking outside the box’ when it comes to recruiting cybersecurity talent. Previously, 92% of hiring managers prioritised the presence of many years of cybersecurity experience of candidates above all other requirements, but things are beginning to change.
Presently, only 25% of candidates hold qualifications outside of the technology space. Moving forward, hiring managers are employing individuals at graduate level that can be trained in the field. Traditionally, those with Computer Science and Technology relevant qualifications would have been the only ones considered for such roles, but whilst the talent pool remains lean, other educational backgrounds are being considered as alternatives. Their ability to view things from outside of a technical mind-set has been highlighted as a key benefit by hiring managers looking for candidates outside of the usual remit.
On average, it takes around six months to fill a cyber security vacancy, and only 12% of the cybersecurity workforce are under 35 years old. Things will need to change.
Cyber Schools Programme
Further to shifting hiring focus onto the graduate market, the UK is going one step further and also encouraging those at school-level to develop an interest in cybersecurity. The UK Government has established an initiative known as the ‘Cyber Schools Programme’. Targeting 14-18 year olds, the plan is for this programme to have trained in excess of 5,500 young people in cybersecurity skills by 2021. With £20 million in funding, the course aims to cover aspects such as ‘digital forensics, defending web attacks, programming and cryptography’. It is hoped that as a result, organisations will create apprenticeships and internships to allow integration of these individuals into their company, reducing the strain and competition for higher-level cybersecurity professionals within organisations.
National Cyber Security Centre
Launched in October 2016, the National Cyber Security Centre has been created to provide ‘a single point of contact for SMEs, larger organisations, government agencies and departments’. The introduction of this service shows that the UK is taking cybersecurity seriously, and is clearly looking at ways to encourage individuals to learn more about this evolving technology. As a central hub for all-things cybersecurity, they provide support to academic institutions to ensure that the next generation of cyber security professionals are educated and enthused about the future of national cyber security. In addition, the NCSC also offers a ‘CyberFirst’ programme aimed at 11 to 17 year olds. A combination of residential, and non-residential short courses, hosted by a number of UK Universities; CyberFirst is designed to introduce students to cybersecurity and is free of charge. To attend.
Using Artificial Intelligence
Whilst the UK waits for the next generation of cybersecurity professionals to complete their academic studies, other avenues are being explored. One such avenue is the use of Artificial Intelligence. In its most simplistic form, artificial intelligence can support organisations by detecting and identifying abnormal behaviours in their network. These can then be flagged for the attention of a cybersecurity professional, who can look at the context of these anomalies to determine if they are a genuine threat. By delegating the detection aspect of cybersecurity to Artificial Intelligence, human professionals will be able to focus their attention elsewhere.
With the threat of cybercrime increasing at an alarming rate, it is essential that countries do everything they can to encourage individuals into the cybersecurity field in order to reduce the cybersecurity skills shortage worldwide. In 2017, the UK took strides towards closing the gap – will others follow during 2018?
Are you looking for as new role in Cybersecurity? Click here to see our current vacancies.