Committee urges urgent action on cyber skills gap

19 Jul 2018 02:33 PM

Joint Committee on the National Security Strategy (JCNSS) has released a report into Cyber Security skills.

Today, the Joint Committee on the National Security Strategy (JCNSS) has released a report into Cyber Security skills as part of its work looking at the cyber resilience of UK Critical National Infrastructure (CNI). The report, the first of two, concludes that a shortage of specialist technical skills in the cyber sector is one of the largest challenges facing UK CNI.

The Committee calls on Government to step forward and take the lead in developing a strategy to give drive and direction to the lack of cyber security skills in the UK, in particular through finalising a Cyber Skills Strategy that was originally expected in November 2016 but not now expected until late 2018. This Strategy, the report implies, would help form a more detailed analysis of the challenges and scale facing the sector, improving the Government’s ability to understand and therefore address the skills shortfall. Similarly, the report suggests that any strategy should contain a formalised implantation plan.

Some of the key conclusions and recommendations of the Report include:

• A concern that information about the nature of the cyber security skills gap in the CNI sector is primarily anecdotal: there is no detailed analysis available of which CNI sectors are most affected, in which disciplines and at which levels of expertise the shortage is most acute, or of where these gaps leave the UK critically vulnerable.
• Welcoming the many useful initiatives to date, but suggesting that industry be utilised more as a source of up to date expertise. In particular, the scale of educational initiatives should be scaled up to meet massive demand, and the long term nature of schools based initiatives means other methods should be employed more, for example upskilling the existing workforce;
• Widening the National Cyber Security Centre’s (NCSC) Industry 100 initiative across Government and CNI operators, and ensuring all civil servants have basic cyber security training;
• Calling on Government to move forward with its plan for the a Cyber Professional Body, helping to mature the profession and forging clear career pathways and entry points;

The Chair of the Joint Committee, Dame Margaret Beckett MP, said:

“We acknowledge that the cyber security profession is relatively new and still evolving and that the pace of change in technology may well outstrip the development of academic qualifications. However, we are calling on Government to work closely with industry and education to consider short-term demand as well as long-term planning. As a very first response, Government must work in close partnership with the CNI sector and providers to create a cyber security skills strategy to give clarity and direction. It is a pressing matter of national security to do so."

Responding to the report, Talal Rajab, Head of Cyber and National Security, techUK said: “We are pleased to have worked with the Joint Committee on the National Security Strategy on this important inquiry into the cyber resilience of the UK’s critical national infrastructure (CNI).  

“The WannaCry attack last year demonstrated the negative consequences a successful cyber attack can have on our critical infrastructure and, as various CNI sectors become more digital in nature, the protection of essential services will be one of the greatest challenges facing the UK.  

“The Joint Committee’s report rightly recognises that a lack of cyber security skills in the UK is unduly affecting the ability of CNI operators to protect the critical sectors that we rely on in our daily lives.  techUK welcomes the many initiatives that Government has conducted in this space from the classroom to the boardroom. This includes the recent announcement pertaining to the creation of a Cyber Professional Body that will establish career pathways for cyber professionals to enter the sector. We also commend the ongoing work of the NCSC’s Cyber First programme inspiring young people, especially girls, to consider a career in cyber. We look forward to working with Government as it increases activities to plug the cyber skills gap and protect the UK’s critical services."

The full report can be accessed here.