UK Launches Consultation To Develop Cybersecurity Profession

The Department for Digital, Culture, Media and Sport (DCMS) has launched a consultation into developing the cybersecurity profession in the UK to support the National Cyber Security Strategy (NCSS). To support this effort, it has also proposed to create a UK cybersecurity council, which would sit independently of the government. 

The NCSS sets out the government's ambition to ensure there is a sustained supply of the best possible home-grown cybersecurity talent, which is to be achieved by 2021. This consultation, which closes on August 31, is for a broad range of interested parties including cybersecurity professionals, existing cybersecurity professional organizations in the UK, students and recent graduates, academia and law enforcement communities. 

Margot James, chair of the DCMS, wrote about why an intervention was needed to support the NCSS: "The cybersecurity profession is relatively new and has developed organically over recent years. It is broad and varied; those working in the cybersecurity ecosystem are found across multiple disciplines including engineering, technology, business, social science, compliance and law, with a wide range of different competencies.

"We heard strongly during our pre-consultation engagement that to build on the good work, more needs to be done to create the environment for the cybersecurity profession in the UK to develop at the pace required," she continued. "There was a strong sense from many we engaged with that there is no generally accepted, unifying narrative of what makes a cybersecurity professional. Misconceptions and stereotypes about cybersecurity professionals remain and we heard clearly that many still consider cybersecurity to be a complex subject area and a career which lacks clear routes into and through it."

The NCSS has specified goals to reach between now and 2021. By the end of 2019, there will be an early development and alignment of a coherent set of career specialism pathways into and through the cybersecurity profession and a draft Code of Ethics will be agreed between participating cybersecurity professional organizations. 

To support this, a number of established councils, chartered professional bodies, academics and industry groups have established a collaborative alliance to advance the development of the cybersecurity profession. With an overall aim to provide clarity around the skills, competencies and career pathways within this fast-moving area of professional practice, the initial objective for The Alliance is to support commitments expressed within the UK NCSS to provide a focal point for advising national policy, including the stated intent to recognize professionals through Chartered status. 

The Alliance brings together a range of expertise and disciplines, including BCS, The Chartered Institute for IT, Chartered Institute of Personnel & Development (CIPD), CREST, The Engineering Council, IAAC, The Institution of Analysts and Programmers (IAP), The IET, (ISC)2 and techUK. Talal Rajab, head of program - cyber and national security, techUK, commented on the coming together of these bodies: "techUK is pleased to be a founding member of the Alliance and contribute to the development of the cybersecurity profession. 

"Our digital economy is underpinned by the need for cybersecurity expertise and skills across a range of disciplines. Through bringing together these professional bodies and harnessing the full range of established cybersecurity professional expertise, the Alliance will go a long way to providing a focal point for the sector on the cybersecurity skills, competencies and standards needed to ensure that the UK has the skills needed to remain resilient to the growing cyber-threat.”

This announcement from the government follows the announcement from The Joint Committee for National Security Strategy which criticized the government for not acting urgently enough on critical national infrastructure cybersecurity. Kamila Hankiewicz, managing director, Girls in Tech, also feels strongly that not enough is being done to get people, especially women, into cybersecurity roles: "The current education model is flawed and results in a low number of women applying for technology roles. This means our nation misses out a huge group of talent in positions needed for the future workforce. 

"A shortage of female talent is predominantly down to a lack of awareness of the opportunities that exist and a flawed perception that you need to be strictly technical to work in industries such as cybersecurity, automation or crypto-investing. It is our responsibility, as the future leaders of the UK, to ensure that our governments are investing in children at an early age - preventing them from developing an unconscious bias towards STEM and getting them excited about the opportunities that the future digital economy presents."

Infosecurity:

You Might Also Read:

What Does Brexit Mean For British Data Privacy?:

Are Women Better At Cyber Security?:

 

 

« Cyber Threat Warnings ‘Blinking Red’
Kremlin Hacking Crew Take A 'Roman Holiday' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

SmartSearch

SmartSearch

SmartSearch is a leading online provider of Anti-Money Laundering and Fraud Prevention Services.

Maryman & Associates

Maryman & Associates

Maryman & Associates are specialists in computer forensic investigations, incident response and e-discovery services.

CryptTalk

CryptTalk

CryptTalk is an easy-to-use secure communication service.

Virgil Security

Virgil Security

Virgil Security provides easy-to-deploy and easy-to-use cryptographic software and services for use by developers and end-users.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

Cybersecurity Coalition

Cybersecurity Coalition

The mission of the Cybersecurity Coalition is to bring together leading companies to help policymakers develop consensus-driven policy solutions to achieve improvements in cybersecurity.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

OpenZeppelin

OpenZeppelin

OpenZeppelin builds developer tools and performs security audits for distributed systems that power multimillion-dollar economies.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

Salt Cybersecurity

Salt Cybersecurity

Salt Cybersecurity offer a four-pronged approach to information security that includes Custom Security Policy, Vulnerability Assessment, Threat Detection, and Security Awareness Training.

ScienceSoft

ScienceSoft

ScienceSoft is a provider of software development and IT consulting services including Information Security.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.

Dropzone AI

Dropzone AI

Dropzone AI are creating a generational leap in SecOps by using AI to automate cyber expertise and tooling.

Exodata

Exodata

Exodata is a French digital services company specializing in the outsourcing of IT Systems and solutions.