Calling IT Professionals: Addressing the Security Skills Gap

Categories: IT Security

Art Coviello at RSA often refers to the skills gap in the number of Cyber security professionals in his keynotes. A UK National Audit Office report out today quotes it could take “up to 20 years to address the skills gap”.

The truth is the number of IT and cyber security professionals in the UK has not increased in line with the growth of the internet and the NAO warns that the UK faced a current and future cyber security skills gap, with “the current pipeline of graduates and practitioners” unable to meet demand.

It warned that the cost of cyber crime is estimated to be between £18bn and £27bn a year. In 2011, ministers announced funding of £650m to implement the UK’s Cyber Security Strategy, which set out the risks of the UK’s growing reliance on cyber space.

The strategy identified criminals, terrorists, foreign intelligence services, foreign militaries and politically motivated “hacktivists” as potential enemies who might choose to attack vulnerabilities in British cyber-defences. To date both SOCA (Serious Organised Crime Agency) and Action Fraud, the UK’s national fraud reporting centre have both been very active in thwarting threats.

How can this skills gap be addresses? It needs investment by the government but also by education authorities and indeed the Cyber security profession.  Many years ago studying IT at a University was very attractive, but it seems to have lost its appeal.  Moreover, how many IT related degree courses actually teach security as part of its curriculum.

I think the industry needs to do its part to ensure that the Cyber security profession is seen as an attractive career choice and start early by evangelizing in schools and colleges.

The TV series CSI did wonders for enrolment into Forensics courses so I wonder if we need an equivalent Cyber security TV series to get individuals signed up.  Whatever, we do we are still going to be faced with a huge skills gap in this sector.

Rashmi Knowles

Rashmi is Chief Security Architect at RSA, The Security Division on EMC. In her role Rashmi is responsible for Technology and Compliance Solutions for the EMEA region. Her current responsibilities include working with customers in a Trusted Advisor role, Thought Leadership for emerging technologies and key spokesperson in the region for RSA’s Virtualisation and Cloud strategy and Compliance Solutions and a subject matter expert on Data Loss Prevention and Encryption Solutions. Rashmi has over twenty years experience in data communications, mobile communications and has focussed on Information Security for the last 15 years. Rashmi holds a degree in Computer Science from the De Montfort University and a Post Graduate in Computer Studies from the University of the South Bank, London. Subscribe to Rashmi's RSS feed