Shortfall in cyber-security is of critical importance for the public sector
By Ian Parslow, Senior Vice President at MTI Technology - 7 December 2015
The inescapable media coverage surrounding cyber attacks in 2015 has made the cyber-risk irrevocably clear. We are living in an age where businesses and institutions are at risk just by being online. From enterprises to critical national infrastructure and financial services, any and all are at risk of a cyber attack.
As a result, the demand for cyber-security experts is set to outstrip demand by a third within the decade. The only figure that is not increasing is the number of cyber-security professionals available to combat the new threat. The security certification and industry body, (ISC) 2, forecasts that businesses and the public sector will need six million security professionals by 2019. Yet, only 4.5million will have the necessary qualifications leaving a shortfall of 1.5 million.
The need for increased focus
There needs to be a greater combined focus on protecting valuable infrastructures. George Osborne recently announced the government’s commitment to tackling cyber crime, increasing cyber-security spending by 2020. The reality however, is that the talent will not be available to warrant the increased budget. UK businesses need to lay the groundwork now to safeguard the future of not only the IT industry, but the wider cyber-security of private and public entities.
The current cyber-apprenticeships programs by the government and the opening of an institute of coding are good places to start. However, to counter the immediate threat from cyber-hacking and cyber-terrorism, greater incentives and support is needed for IT/IT security graduates.
A sensible suggestion could be to allocate a significant portion of the proposed budget of £1.9bn, to help guide and prepare the next generation of IT security specialists. Businesses, academic institutions and the government need to work together to provide a platform for IT graduates to leverage the IT security industry, allowing them to gain crucial experience. After all, these young people will be on the front line against future cyber-attacks.
Filling the gap
The current IT skills gap is a worrying problem for everyone, especially the IT industry. Cyber-security vacancies are at an all time high. A senior executive at Ernest Young recently stated that there is virtually zero per cent unemployment in the IT security industry at the moment.
Although government initiatives are beginning to take off, we need to implement short-term measures to combat the present threat of cyber-attacks. Allowing talent from oversees to enter the UK and supplement the existing talent pool is one way to boost resources. It would not be wise to close our borders to talent that we desperately need and which could help us better protect our virtual borders.
Cyber-crime has now overtaken physical crimes to become the most recorded offence in the UK. In order to combat this threat, we need to combine resources across different sectors with a joint goal of creating and nurturing the next generation of IT security professionals.
It is inevitable that with the current surge in cyber-attacks, the focus will eventually shift from hackings and breaches of enterprises to more critical public sector targets, whether it is for commercial or more nefarious reasons. Organisations need to have the necessary protection in place to protect crucial data and that begins with having the right people in place.