The Cyber Skills Gap & How We Act For The Future

There is a great Chinese proverb that says: “The best time to plant a tree is 20 years ago, the second-best time is now.” I love this because beautifully sums up where we are today with the cyber skills shortages we face. Go back 20 years and it was a mad rush towards digital transformation - what a good news story, better client experience delivered on a lower cost base.

Roll forward 5 years… “Oh, the online platforms we’ve created are not actually very secure, sorry about that - it seems youngsters in their bedrooms are hacking our systems for fun.” Roll on a further 5 years and we get to: “Hang on, the adversary has morphed into serious and organised crime and now we’re being extorted for millions.” 

And on and on until today… we now have a new digital revolution taking place which we have snappily called  'Industry 4.0’. This integration of intelligent digital technologies into manufacturing and industrial processes, and their speedy, often cost-driven but not security driven adoption into modern manufactured elements (cars, aeroplanes, watches, medical equipment, fridges, smart factories, intelligent cities to name a few) leaves us even more exposed to threat. 
 
In the last 20 years we as a nation have underinvested in developing cyber skills. It’s only in the last decade that higher education establishments have offered dedicated cyber security degree and master’s courses (though their relevance in modern commercial settings is up for debate). Only within the last 12 years has legislation come about to protect personal data and discover/punish those that lose or abuse it.

The result of all this is that the pressure on existing cyber capability has expanded even more, without a corresponding increase in industry-ready entry level practitioners. Companies are under huge pressure to meet demand; the fact is that they no longer want entry level capability, they want 3 - 4-year veterans. 
 
With this new Industrial Revolution (Industry 4.0) beginning to gather steam, there is a specific need to create a training ladder, to ensure practitioners are being sufficiently trained and assessed at every level of their career - which is exactly what we at The Cyber Scheme have done.

We need to cross skill and to upskill, bringing together each side of the revolution: Engineers, meet the IT crowd.

Both of course speak different languages, and have differing approaches to suit their specific areas, for example regarding health and safety. It’s one thing to electrocute yourself in an IT environment; quite another to bring down a manufacturing facility or a nuclear power plant. With the advent of IoT/OT technologies, the stakes are ever higher.
 
With training and with competence measurement we can build into the existing engineering and IT disciplines the knowledge, skills, abilities and tasks to counter the threat associated with these developments.

We have the scars and the memories of how the last 20 years have played out, and we know serious and organised crime will and does take advantage of our slowness - just look at the troubles Jaguar Land Rover and the automotive industry generally have encountered recently; that cool keyless entry isn’t so cool when a 15yr can steal your car inside 3 minutes.

The easy returns for crime gangs are just too tempting; we know we have to skill up before the bad guys do. That’s why now is the second-best time to plant that tree.

Charles White is CEO of The Cyber Scheme

You Might Also Read: 

Is Artificial Intelligence The Answer To The Cybersecurity Skills Shortage?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Insights From An Early Adopter Of Microsoft 365 Copilot
A Deep Dive Into Deepfakes & The Threat To Digital Identity Verification »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

National Defense Industry Association (NDIA)

National Defense Industry Association (NDIA)

The National Defense Industrial Association Cyber Division contributes to US national security by promoting interaction between the cyber defense industry, government and military.

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

Endian

Endian

Endian’s mission is to provide a secure platform that connects distributed people and things, simplifying the digitalization of businesses.

Ensign InfoSecurity

Ensign InfoSecurity

Ensign InfoSecurity is Southeast Asia’s largest pure-play cybersecurity firm.

CyberProof

CyberProof

CyberProof aims to give clarity and confidence to businesses worldwide using a new risk-based approach to cyber security services.

European Cyber Security Conference

European Cyber Security Conference

EU Cyber Security Conference will debate what Europe’s response to evolving threats in a dynamic global risk landscape should look like and what the next steps for all actors of the ecosystem.

Andreessen Horowitz (a16z)

Andreessen Horowitz (a16z)

Andreessen Horowitz (known as "a16z") is a venture capital firm in Silicon Valley, California that backs bold entrepreneurs building the future through technology.

ACET Solutions

ACET Solutions

ACET Solutions delivers a wide range of Automation, Cyber Security and Enterprise IT/OT Integration Solutions to industrial clients.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

Intersistemi Italia

Intersistemi Italia

Intersistemi is a leading Italian company in the field of information technology integration and digital transformation including cybersecurity.

Sekuro

Sekuro

Sekuro is your leading governance and cyber security partner. Building organisational resilience. Enabling fearless innovation.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Mindflow

Mindflow

Mindflow is dedicated to bringing answers to the challenges the cybersecurity field and beyond face today.

Scribe Security

Scribe Security

Scribe security provides end-to-end software supply chain security solutions.

AUCyber

AUCyber

AUCyber is a leading provider of managed cyber security solutions and consultancy services, specialising in supporting Australian organisations and Government agencies.