Govt takes steps to improve cyber security future

Friday 13 December 2013

The government is taking steps to improve its cyber security capabilities, identifying that the public sector could suffer a skills shortfall over the next decade if action isn't taken.

Ministers are now leading a recruitment drive for computer scientists and hackers, The Guardian reported.

Cabinet office minister Francis Maude said: "We need to sustain and grow the capabilities of UK cybersecurity, and it is now vital we ensure that we have young talent coming through our education system and the workplace."

In a bid to achieve this the government is funding apprenticeships and trainee schemes, including one at GCHQ.

An initiative has also been launched to identify and encourage talented children. A hacking competition has been extended to schools across the country and budding computer scientists are no doubt to be unearthed.

"While the online world has grown exponentially over the last few years, our education system hasn't kept pace," Mr Maude told The Guardian.

"We have to avoid a gap in the UK's cyber defences in the years to come. There will never be a moment when we dare to say 'we are there'. This will always be a work in progress," he added.

Contractors are likely to have to step into the breach, while Mr Maude has already admitted that GCHQ is having to look to small and medium-sized businesses to recruit staff.

Ernst & Young's 16th Global Information Security Survey has also identified a demand for security skills.

Research found 83 per cent of businesses are currently unhappy with their level of protection from cyber attacks, while 93 per cent planned to maintain or increase their spend in this area going forward.

What's more, just under a third of firms saying the number of security incidents in their company has risen by at least five per cent in the last year.

Businesses are certainly waking up to the risk cyber threats pose. According to Ernst & Young, most organisations recognise the extent and depth of the threats they face and for nearly three-quarters of those surveyed, information security policies are now owned at the highest level.

Indeed, in ten per cent of companies, the information security function reports directly to the chief executive officer.

Information security professionals in 35 per cent of businesses surveyed present to the board and those at the top of the governing structure on a quarterly basis. Just over one in ten also report monthly.

"Data protection is no longer being treated as another line item in a contract or something that organisations simply assume third parties do," Ernst & Young identified in their report.

"Three-quarters of respondents indicate that their organisations mandate self-assessments, or commission an independent external assessment, of the information security measures performed by external partners, vendors or contractors who have access to their data."

Despite this, many of those surveyed said they didn't have the skilled resources they need to properly tackle cyber security.

Additionally, in many companies, configuration and processes aren't adapted properly to the modern environment. Contractors can be indispensable in getting a firm's security infrastructure up to speed.

By Victoria McDonnell

Get in touch

Please select your type of enquiry:

Brookson on Twitter