The UK Government recently launched a Call for Views on its Initial National Cyber Security Skills Strategy. The closing date for stakeholder responses is 1 March 2019, with the final strategy document expected to be published late in 2019.
Alongside this strategy, the Government issued its response to the consultation on Developing the UK Cyber Security Profession (which included a proposal to develop a new UK Cyber Security Council). This and the Call for Views both feed into the broader National Cyber Security Strategy, which aims to ensure that “the UK has a sustainable supply of home-grown cyber skilled professionals to meet the growing demands of an increasingly digital economy, in both the private and public sectors, and defence.”
A recent Government-commissioned study reported that 54% of businesses and charities face a “cyber security skills gap”, with employers either unable to find recruits with the necessary skills, or being able to do so but at a premium that some organisations are unable to afford.
The Call for Views frames this challenge as not only one of ensuring that there are sufficient cyber security professionals in the UK, but also ensuring that these professionals possess the correct level and “blend” of expertise. The challenge is further heightened by the acceleration of the rate of technical innovation and adoption, such as the growing importance of AI, machine learning and the Internet of Things.
The aim is to address the broader cyber security skills gap to ensure that the workforce has (and will continue to have) the requisite skilled professionals so that organisations and their staff can manage cyber security risks effectively, and to ensure that individuals are equipped with a basic understanding of the value of their personal data and how to practise basic “cyber hygiene” to keep themselves and their employers safe.