The UK Government’s Cyber Security Skills in the UK Labour Market 2023 report shows that more than 50% of UK companies have a basic cybersecurity skills gap and 33% have an advanced skills gap showing close to no improvement since last year.
This year was the first year of the study that included a survey question focused on the UK Cyber Security Career Route Map, introduced in 2021, intended to make it easier for individuals to enter cyber security roles via a range of possible pathways. Unfortunately, most of the respondents hadn’t heard of it, so more referenced certification requirements as a hurdle.
“The training is there but it is costly. The certification programmes require quite a hefty cost for the training if you’re going to send people off for the week. Because there is such a shortage of skills in the industry, a lot of organizations are reluctant to put employees through it because once they are qualified, they are quite likely to move to another job on a higher salary,” said an unnamed Cyber sector respondent.
Furthermore, 41% of businesses report a lack of confidence in the area surrounding incident response, one of the top areas covered by external providers. Of the 33% of businesses that outsource any aspect of cybersecurity, 82% utilized an external cybersecurity provider to deal with incident response and recovery.
“There is a low level of understanding of what to do with incident response. I’ve even found with qualified IT security people, because they don’t have to do incident response very often, sometimes when they need to do a basic one, they need help,” said an unnamed public sector respondent.
Avkash Kathiriya, Senior VP of Research and Innovation, Cyware had this comment:
“The cybersecurity skills gap is a consistent challenge for security teams, and while programs designed to incentivize education and development, we as an industry need to do more to promote these programs and address barriers to entry. For example, ISC^2 has recently introduced an entry level cybersecurity certification program.
“But this problem isn’t scalable with human expertise alone, particularly in terms of incident response. We need technology that can automate tedious, time consuming tasks that connect the dots for security practitioners, providing visibility and context to take the right action at the right time.”
This is a challenge not just for the United Kingdom, but for everyone as finding people with the right skills is a non-trivial task for many sectors. Hopefully this is something that can be turned around before it comes back to bite us all.
Like this:
Like Loading...
Related
This entry was posted on July 27, 2023 at 8:45 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
UK Gov Report: Cybersecurity Skills Gap Stagnant
The UK Government’s Cyber Security Skills in the UK Labour Market 2023 report shows that more than 50% of UK companies have a basic cybersecurity skills gap and 33% have an advanced skills gap showing close to no improvement since last year.
This year was the first year of the study that included a survey question focused on the UK Cyber Security Career Route Map, introduced in 2021, intended to make it easier for individuals to enter cyber security roles via a range of possible pathways. Unfortunately, most of the respondents hadn’t heard of it, so more referenced certification requirements as a hurdle.
“The training is there but it is costly. The certification programmes require quite a hefty cost for the training if you’re going to send people off for the week. Because there is such a shortage of skills in the industry, a lot of organizations are reluctant to put employees through it because once they are qualified, they are quite likely to move to another job on a higher salary,” said an unnamed Cyber sector respondent.
Furthermore, 41% of businesses report a lack of confidence in the area surrounding incident response, one of the top areas covered by external providers. Of the 33% of businesses that outsource any aspect of cybersecurity, 82% utilized an external cybersecurity provider to deal with incident response and recovery.
“There is a low level of understanding of what to do with incident response. I’ve even found with qualified IT security people, because they don’t have to do incident response very often, sometimes when they need to do a basic one, they need help,” said an unnamed public sector respondent.
Avkash Kathiriya, Senior VP of Research and Innovation, Cyware had this comment:
“The cybersecurity skills gap is a consistent challenge for security teams, and while programs designed to incentivize education and development, we as an industry need to do more to promote these programs and address barriers to entry. For example, ISC^2 has recently introduced an entry level cybersecurity certification program.
“But this problem isn’t scalable with human expertise alone, particularly in terms of incident response. We need technology that can automate tedious, time consuming tasks that connect the dots for security practitioners, providing visibility and context to take the right action at the right time.”
This is a challenge not just for the United Kingdom, but for everyone as finding people with the right skills is a non-trivial task for many sectors. Hopefully this is something that can be turned around before it comes back to bite us all.
Share this:
Like this:
Related
This entry was posted on July 27, 2023 at 8:45 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.