Striving to solve the security skills crisis

The Cyber Security Challenge is doing a fine job, but flat registration growth and weak Government funding are cause for concern, Tom Brewster discovers.

With so many people out of work and with many more redundancies to come, moaning about skills shortages feels a little insensitive. But when talking about an employment crisis that has a major influence on national security, it doesn't feel so bad to have a grumble.

The information security industry in this country has been suffering from a dearth of talent for years. Even though recent McAfee-backed research suggested the UK was better prepared for attacks than many, plenty more must be done to bolster the nation's defences.

The consequences of inaction are clear: few security pros means ineffective security. Imagine if our armed forces consisted of only a few thousand semi-competent soldiers, or if our defences could do little more than prevent a rambunctious group of football hooligans from causing chaos.

Such analogies are not overly hyperbolic. Every day Government bodies and successful private businesses are seeing data stolen and websites defaced. Often, the skill required to enact illicit breaches is minimal. Simple SQL injections or easily organised DDoS attacks are embarrassing councils and corporations alike.

Advertisement - Article continues below

The scale of the problem is getting bigger, as is the depth of the problem.

That's why in 2010, the UK Cyber Security Challenge was launched, inspired by a similar programme in the US. Its aim is simple produce security professionals and get them working.

IT Pro has been tracking the Challenge's progress since its inception. As it heads into the final stages of its second year, what's clear now is that this promising initiative is moving fast, with so many competitions taking place it's hard to keep up. Yet amidst the frenetic goings on, there lurk niggling issues that need addressing if the Challenge is to meet its ultimate aim.

Upping their game

From an infrastructural stance, the improvements have been dramatic. Just last month, the project's first CEO was appointed. He carries an impressive CV too. Prior to his move over to the Challenge, Duncan Hine was head of security for NATS, the organisation responsible for UK air traffic services.

Before that, he was helping run security operations for the Home Office's Identity and Passport Service. Hine was also CIO of the Post Office. Put simply, his experience in high-profile IT is exemplary.

And importantly, he is fully aware of the nature of the crisis at hand. "The national skills shortage in this area and related areas is really profound. The scale of the problem is getting bigger all the time," Hine told IT Pro.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now

Most Popular

digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019
mergers and acquisitions

Xerox threatens hostile takeover after HP rebuffs $30bn takeover

22 Nov 2019
data breaches

T-Mobile data breach affects more than a million users

25 Nov 2019
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019