UK cyber security skills are 'wholly inadequate', says former security minister

UK cyber security skills are 'wholly inadequate', says former security minister

Cyber security is a business issue, not just IT

Article comments

The UK needs to significantly bolster its cyber security skills to fight against cyber threats, according to former security minister Baroness Pauline Neville-Jones.

Neville-Jones, who is now the government's Special Representative to Business on Cyber Security, said that a lack of skills will hinder the UK's future ability to tackle the challenges of cyber crime.

"[The UK cyber security skills base] is wholly inadequate," Neville-Jones said in a lecture at the Global Strategy Forum in London yesterday.

"[Education minister] Michael Gove has rightly, in my opinion, just swept away the existing ICT course. We need to revert to teaching programming [and to] create a perception of a career in this area. We need to have British graduates in our universities, not just Chinese."

The private sector, academics and professional organisations all have a role to play in constructing the necessary education courses and raising the profile of cyber security careers, Neville-Jones added.

She believes that in government, particularly, security is regarded more as a cost than an enabler.

"Part of the problem is that cyber security skills are not recognised. Cyber security ought to be a module that everyone takes at business school," she said.

But making cyber security an issue that businesses should take seriously is also difficult, Neville-Jones has admitted.

Private companies need to have a statement on their cyber security strategy in their financial reports, she said. However, despite the government's efforts to get cyber security onto the agenda of UK boardrooms, many still think it is too technical.

"The Financial Reporting Council and professional organisations ought to give guidance and obligations to their companies," Neville-Jones said.

The private sector would also benefit from sharing more information on cyber attacks and threats, she said.

"If they don't do that, the likelihood of being tripped up by the supply chain is just as [high]. The two-part attack – a decoy and a real attack – is becoming more common.

"Do not think that it is in the long-term interest of the industry to be coy with each other,"Neville-Jones warned.

In November, the government announced a pilot of a cyber security 'hub' that enables public and private sectors to exchange information on cyber threats. This was one of the key announcements of the UK's Cyber Security Strategy.

A joint public/private sector 'hub' will pool government and private threat information and pass that out to 'nodes' in key business sectors, helping them identify what needs to be done and providing a framework for sharing best practice," the government said in its strategy.


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
* *