The UK needs to significantly bolster its cyber security skills to fight against cyber threats, according to former security minister Baroness Pauline Neville-Jones.
Neville-Jones, who is now the government's Special Representative to Business on Cyber Security, said that a lack of skills will hinder the UK's future ability to tackle the challenges of cyber crime.
"[The UK cyber security skills base] is wholly inadequate," Neville-Jones said in a lecture at the Global Strategy Forum in London yesterday.
"[Education minister] Michael Gove has rightly, in my opinion, just swept away the existing ICT course. We need to revert to teaching programming [and to] create a perception of a career in this area. We need to have British graduates in our universities, not just Chinese."
The private sector, academics and professional organisations all have a role to play in constructing the necessary education courses and raising the profile of cyber security careers, Neville-Jones added.
She believes that in government, particularly, security is regarded more as a cost than an enabler.
"Part of the problem is that cyber security skills are not recognised. Cyber security ought to be a module that everyone takes at business school," she said.
But making cyber security an issue that businesses should take seriously is also difficult, Neville-Jones has admitted.
Private companies need to have a statement on their cyber security strategy in their financial reports, she said. However, despite the government's efforts to get cyber security onto the agenda of UK boardrooms, many still think it is too technical.
"The Financial Reporting Council and professional organisations ought to give guidance and obligations to their companies," Neville-Jones said.
The private sector would also benefit from sharing more information on cyber attacks and threats, she said.
"If they don't do that, the likelihood of being tripped up by the supply chain is just as [high]. The two-part attack – a decoy and a real attack – is becoming more common.
"Do not think that it is in the long-term interest of the industry to be coy with each other,"Neville-Jones warned.
In November, the government announced a pilot of a cyber security 'hub' that enables public and private sectors to exchange information on cyber threats. This was one of the key announcements of the UK's Cyber Security Strategy.
A joint public/private sector 'hub' will pool government and private threat information and pass that out to 'nodes' in key business sectors, helping them identify what needs to be done and providing a framework for sharing best practice," the government said in its strategy.