The UK government this week trumpeted the success of a new initiative designed to encourage workers to embark on a new career in cyber, but experts have warned that much more must be done to fix skills shortages.
A government missive yesterday claimed that over 3600 people have applied to participate in the Upskill in Cyber program, aimed at people from a non-cybersecurity background and delivered in partnership with the SANS Institute.
Encouragingly, more than half of those applicants are women and over half come from outside London and the South East.
Delivered as part of the government’s £2.6bn National Cyber Strategy, the program offers a 14-week training course designed to equip people with the skills and knowledge they need to embark on new careers in the sector, according to the government.
Read more on industry skills shortages: Cybersecurity Workforce Gap Grows by 26% in 2022
Minister for AI and intellectual property, Viscount Camrose, argued that the sector is already growing “exponentially.”
“In just 12 months we’ve seen our 58,000 strong workforce jump by 10%, and ensuring we can maintain a steady supply of diverse, highly skilled professionals is vital to meet the needs of our growing digital economy,” he added.
However, the scale of cyber skills shortages will demand much more than a few thousands new recruits per year.
The government’s own report from last year found that half (51%) of UK businesses have a basic cyber skills gap, and that an average of 21,600 new recruits are needed annually to meet demand for talent.
By the ISC2’s reckoning, there was a shortfall of 56,811 cybersecurity professionals last year in the UK, a 73% annual increase.
Suid Adeyanju, CEO of RiverSafe, agreed that much more must be done to tackle the skills crisis.
“Building a thriving cybersecurity industry requires a dynamic and diverse workforce, and still not enough is being done to attract women and people from diverse backgrounds to enter the industry. With the rise of ransomware putting businesses and critical national infrastructure at risk, we need a much more ambitious nationwide cyber skills plan to boost our expertise in this area,” he argued.
“The Upskill program is making excellent progress on getting more women into cyber, but we also need a concerted effort from businesses, industry groups, schools and universities to transform the learning process and inspire more people to enter the industry.”
Michael Smith, CTO at Vercara, added that government programs can only do so much.
“A long-term solution to the skills gap requires a more holistic approach, led by cybersecurity leaders, that prioritizes developing talent from within. It’s more than a recruitment plan; it’s a practical long-term cybersecurity strategy,” he argued.
“This is necessary because when we hire staff in this industry, we expect them to have such a wide range of skills that no one person will have the exact combination that is in the job description. When we do find somebody with all of those skills, they are usually outside of commuting distance and they're incredibly expensive.”
Experts at Infosecurity Europe last week suggested that organizations should take a closer look at their in-house talent elsewhere in the business and reexamine their hiring policies and interview techniques to get the right people through the door.