Government response to JCNSS report: Cyber Security Skills and UK CNI

19 Nov 2018 12:16 PM

This week Government has responded to the Joint Committee on the National Security Strategy report on Cyber Security Skills and the UK’s Critical National Infrastructure.

The report, released in July stated that there was ‘cause for alarm’ around the gap between the demand and supply of suitably skilled cyber security workers in the UK’s Critical National Infrastructure sectors. The report argued that Government needed to do significantly more to understand the scale of the problem and then address it effectively.

The full Government response can be accessed here.

Within the response Government outline some of the measures it is taking in this space, including:

• Publication of a National Cyber Skill Strategy by the end of 2018;
• Continuing the work to develop a UK Cyber Security Council, following a public consultation;
• Long-term initiatives such as Cyber Discovery (a £20m extra-curricular game-based programme for students aged 14–18) and CyberFirst (which offers courses and bursaries to inspire and support the next generation of cyber security professionals);
• Developing the Cyber Security Body of Knowledge (CyBok) with UK academics in consultation with the national and international cyber security sector;
• Large-scale reforms around the curriculum including the Computer Science GCSE and A Level, accelerated with £84m of new funding over the next four years; and
• Department for Education aiming to upskill up to 8,000 existing teachers without a post-A level qualification through a National Centre of Computing Education and an intensive Continuing Professional Development (CPD) programme.

Chair of the Committee, Dame Margaret Beckett MP, recently said in response:

“Building cyber security capacity within Government and across Critical National Infrastructure sectors is a matter of utmost importance to the UK’s national security. Today’s Response from the Government accepts the need to think creatively about current and future challenges relating to cyber skills. This is a start.

The Government sets store by its 2016 National Cyber Security Strategy, and today’s Response to our Report acknowledges that in terms of a standalone skills strategy, there is more to do. We have been assured that Government has begun work on that strategy, which they promise by the end of 2018. When it arrives, we will look carefully to ensure that this is the case.

The UK has already seen the potential consequences when CNI is affected by a major cyber attack – demonstrated in the NHS. The Committee remains to be convinced that Government has grasped the immediate challenge of keeping CNI secure from cyber threats. Many of the plans set out in this Response will come to fruition in a decade’s time. It fails to answer our questions about today and tomorrow – and this is concerning.”