Earlier this month, the government announced a consultation into plans to replace the ICT programme of study in the National Curriculum with Computing, which would see a greater emphasis on the fundamental skills of programming, coding and security. The move has been warmly received across the UK technology industry as a way to move the subject away from the daily use of existing software, to a platform through which our internet and technology literate young people can initially develop their skills and then create the IT tools and systems of the future.
The change comes at a time when the opportunities for a career in cyber security are plentiful, but the industry is struggling to find enough recruits with the right skills and aptitude to enter the profession. In the Defence Select Committee Report on Cyber Security, published at the end of last year, John Bassett from the Royal United Services Institute, which is engaged in pioneering defence and security research, commented; “[the top priority in cyber security] is about ensuring we have enough good people in the Ministry of Defence, other parts of Government, academia and industry, and we do not have enough at the moment. I think that growing and skilling the people is the single most important thing for us to do.”
It’s a concern I hear time and again from UK employers in my position as chief executive of the Cyber Security Challenge UK, an organisation which aims to address the skills gap in the cyber security profession via a series of national competitions sponsored by industry, government and academia. There are a great many firms looking for that valuable combination of technical expertise and commercial awareness that can not only protect them from the increasingly organised world of cyber crime but that can be delivered in a way that doesn’t impede business growth or how staff do their jobs. Employers just can’t find these skills, which has hard financial implications for them and for the UK economy as a whole. Last year, for example, Jonathan Evans, MI5 Director General revealed that a state-backed security attack cost a UK company £800m in potential revenue.
As more organisations transfer more of their processes online, this means the next generation of cyber security professionals will be responsible for defending our core services. This includes the safety and security of infrastructure, the intellectual property that underpins pioneering technology and the commercially-sensitive information that is the life-blood of our economy.
Despite the increasing demands for skills, over the past ten years the number of students sitting Computing A-Levels has declined by 60 per cent and in 2011/12 the subject represented just 0.5 per cent of all A-level examinations taken across the UK. The addition of Computing to the curriculum would be a step towards tackling the decline, but more needs to be done to develop the talent pool that the UK needs to perform this underpinning role effectively.
The education system needs the help of industry to ensure that what is being taught in the classroom keeps up to date with the continually evolving cyber security landscape and the challenges that face us in the real world. Almost every week there is a new type of threat or a new response technique that emerges. While this makes it an incredibly exciting career for those in the industry, these frequent developments make it increasingly difficult for schools to teach the most up-to-date cyber security thinking. We need to create key touchpoints throughout the education system that allow the cyber security profession to engage with schools and, in turn, enable students to see how their interests align with this incredibly exciting and challenging industry.
A co-ordinated approach such as this, which gives students the opportunity to apply technical skills to real-world applications, will help engage interest in cyber security and to realise their potential in the profession. Now is the time for employers to engage with schools to ensure the pool of cyber security talent for the future is big enough and good enough for the task ahead.
Stephanie Daman is chief executive of Cyber Security Challenge UK
Related
