Charting A Course To Address The Cyber Skills Shortage

CEO of the UK Cyber Security Council, Professor Simon Hepburn, discusses standardising cyber security professional titles and what this means for attracting talent, streamlining recruitment, and tackling the cyber skills gap

Though the cyber security industry is still maturing, bringing the sector in line with other chartered industries, such as surveying and accountancy, has been needed for some time. 

With the UK’s cyber sector facing a workforce gap of over 14,100 people, it’s clear that action needs to be taken if we are to fulfil the government’s vision of making the UK to safest place to live and work online.

Helping the government achieve this aim – and in the process creating a more diverse sector with clear career pathways and universally recognised professional titles which map to specific skill sets – is the Council’s raison d’etre.

As we work towards achieving this mission, introducing our chartered professional standard to the sector has been a key focus. It’s a task which sits at the heart of creating the world class cyber security sector we want to see here in the UK.

Piloting The Journey To Cyber Security Excellence

When it comes to certifications and accreditations, the cyber security sector could best be described as a maze. There are a vast number of accreditations and certifications available, from a large number of course providers and awarding bodies. 

Consistency from one course to another is not always easy to find. For many organisations and businesses – especially those from outside the sector – this can make effective recruitment challenging. The Council is therefore seeking to redress this by introducing a new chartered professional standard for the sector, with universally recognised professional titles which correspond to specific skills sets.

Cyber practitioners can apply for one of three professional titles ranging from Associate to Principal and Chartered. These titles correspond with the depth of experience and expertise of the individual, demonstrated through written evidence and interview.

From an industry perspective these titles create a universally recognised standard, which will provide certainty around the skills and competencies associated with each level of professional title. 

Having a professional title recognised by the UK Cyber Security Council will help cyber practitioners evidence their knowledge and skills to employers, clients and the public. And more widely, it will also help create a pool of respected cyber security specialists.As the only organisation able to charter cyber security professionals as individuals, we are working with our partners to pilot the 16 cyber specialisms  across the sector.  

Pilot schemes for some specialisms have already been launched and we will be bringing forward new schemes in the coming months. 

By doing so, we are committed to creating clear pathways for practitioners to hone and evidence their expertise in specific disciplines within cyber.

Chartership and Recruitment

From an employer perspective, defined roles and levels of expertise, measured against an industry standard, make it easier for an organisation to identify cyber professionals who possess the requisite skill level to meet their cyber needs. When factoring recruiters into this process, the need for meaningful and reliable titles becomes even more key. It allows recruiters to be completely confident that they are putting forward candidates with adequate skills and experience for roles, ensuring they remain trusted suppliers to their clients.

All in all, the use of an industry standard and professional titles will streamline recruitment across the sector and be beneficial for cyber professionals and those in need of a cyber professional. With more than 80% of UK organisations experiencing a successful cyber attack in the past year, there is evident need for improved cyber defence across many organisations. The smoother recruitment processes for cyber practitioners can become, the quicker cyber professionals can begin to defend vulnerable businesses.

Tackling The Skills Gap

Whilst cyber security was once considered a way to future proof a business, it is now a foundational necessity. This shift has created a growing demand for cyber expertise, meaning that the current cyber skills gap is a significant issue.  According to Cybersecurity Ventures, there are 3.5 million open cyber jobs worldwide. Whilst in some instances these roles represent opportunities for upskilling and career progression, there are still entry level roles across the cyber space which need fresh new cyber professionals.

We believe setting clear benchmarks and defined career pathways for cyber professionals will help make routes into the industry clearer, as well as helping those already working in cyber to navigate their career trajectories.

The introduction of professional titles will also encourage individuals to be ambitious in their career goals, as the correlation between upskilling to gain the next level of professional title and the career opportunities which open up as a result will be much more evident. As the majority of entrants to the cyber industry currently come through career change or redirection, with just 3% via a school leaver or apprenticeship and 12% via graduate schemes, arguably there is more to be done to inspire students into the industry and present it as a viable, valuable career path. There is an education piece to perform here so that when presented with the prospect of a future in cyber, school and university leavers have a clearer understanding of what routes to entry are available and the career possibilities that could follow.

In comparison with industries such as law, medicine, accountancy or even marketing, a role in cyber can still seem like a very ‘new’ prospect. It can still carry some mystic around what is involved in the day to day, what skills are required and how to enter and progress through the industry.

Standardised professional titles will help bring cyber in line with other chartered industries and demonstrate a clear pathway into and through the industry. Resources such as our Career Framework and Career Mapping tool can also be helpful in identifying areas of interest in cyber, building on these interests and moulding them into an attractive career trajectory.

As we continue to add more specialisms to our pilot programme and partner with stakeholders across the UK to drive awareness and interest in cyber, we are building an invaluable network of talented cyber professionals. 

Continuing to do so will be crucial to addressing the cyber skills gaps and building a world leading cyber sector here in the UK.

You Might Also Read:

The Skills Gap Is Increasing Risk & Exposure To Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« Chatham House Cyber Conference  | 14 June 2023
Highly Evasive Adaptive Threats & Advanced Persistent Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Dome9

Dome9

Dome9 is a cloud firewall management service that stops vulnerabilities, secures remote access, and centralizes policy management.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

SAI360

SAI360

SAI360 (formerly SAI Global) provide products and services for enterprise risk management including Governance, Risk & Compliance and Digital Risk solutions.

Egis Technology

Egis Technology

Egis specializes in the IC design, research and development, and the testing and sales of capacitive fingerprint sensor.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

Sectigo

Sectigo

Sectigo is a leading cybersecurity provider of digital identity solutions, including TLS / SSL certificates, DevOps, IoT, and enterprise-grade PKI management, as well as multi-layered web security.

Y-PARC

Y-PARC

Y-PARC is a center of excellence for cybersecurity, precision industries and medtech, fostering innovation and development and support for startups.

CoverWallet

CoverWallet

CoverWallet combines deep analytics, thoughtful design and state of the art technology to help small businesses with all their insurance needs including Cyber Liability.

Secureframe

Secureframe

Companies from startups to enterprises use Secureframe to automate SOC 2 and ISO 27001 compliance, complete audits, and continuously monitor their security.

Clear Thinking Solutions

Clear Thinking Solutions

Clear Thinking is an IT Solutions company specialising in secure & compliant technical services.

7layers

7layers

7layers has established itself as one of the world’s leading test house groups for mobile devices and the growing number of wireless devices, modules and chipsets.

National Security Services Group (NSSG)

National Security Services Group (NSSG)

National Security Services Group (NSSG) is Oman's leading and only proprietary Cybersecurity consultancy firm and Managed Security Services Provider.

Fullstack Academy

Fullstack Academy

A trailblazer in bootcamp education, Fullstack Academy prepares students for fulfilling careers in tech through our NYC campus, online learning, and university partnerships.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

SolidityScan

SolidityScan

SolidityScan is an advanced smart contract scanning tool designed to uncover vulnerabilities and proactively address risks within your code.

Convergence Networks

Convergence Networks

Convergence Networks is one of North America's leading Managed Services & Security Providers.