Council calls for investment in cyber skills and training

The UK Cyber Security Council has issued a rallying call for industries to recommit to investment in cyber security skills development, as they transition back to regular working practices following the disruption caused by the pandemic.

Research taken during lockdown revealed that organisations’ approaches to training have shifted, with firms increasingly taking the quick-fix approach through recruitment rather than a broader training approach across wider teams. According to the London School of Economics, the total number of days trained per trainee in the UK dropped from 7.8 in 2011 to 6.4 in 2017, a fall of 18 per cent, while total training expenditure per trainee fell by 17 per cent. The decline applies across a variety of sectors, including cyber security.

The skills challenge is supported by the latest data from the Department for Digital, Culture, Media and Sport, which revealed that 30 per cent of cyber firms have found it hard to fill generalist roles (where employees are expected to work in a range of cyber security areas). Shortages also exist in specialist roles, senior management roles, penetration testing and security architecture – all pointing to a shortfall in employee development.

Don MacIntyre, interim CEO of the UK Cyber Security Council, said: “It's imperative that the UK’s cyber security community returns to training in order to maintain their on-going situational awareness and to maintain the UK’s global position as a centre for cyber security skills and innovation. While investment in specific skills development courses, setting staff on a pathway to certification is essential, it needs to be teamed with continuous education that can build on industry accreditation and ensure professionals are constantly developing their skills and knowledge as part of a career pathway as well as to support the evolving needs of their organisation.”