It’s 2020 – it’s time to fix the UK’s Cyber Security skills gap

For the majority of my career I have partnered with numerous large, medium and small companies, to help them solve their resource and talent needs, to make sure their business is successful as it can be. This has involved some small-scale pieces of work, to volumes of talent up to 1,000’s in number – Permanent, Contractors, Consultancy, Statement of Work, Fixed Term, Teams, Offshore/OnShore, Freelance.

There are sectors where there have been bigger problems to solve than others. One of the biggest is in the constantly evolving Technology sector, as companies have tried to stay up to date and relevant with the latest tech, platform or provider which promises to make their business faster, produce more, engage with customers and consumers better or become more “Agile”.

The speed of Technology evolution has now led us to the tipping point of an undeniable need for organisations to go through a Digital change and transformation, as technology has opened up new markets for some, but also taken away traditional markets for others.  Do nothing and your business dies – that is now a fact.

As this seismic, constantly accelerating Digital technology wave crashes over us, the world becomes even more connected, every piece of data is collected on us and stored, we move to living totally online and ‘in the Cyber cloud’ – so the need for everything to be secure, protected and safe is greater than ever. This is true for everything from our personal social networks, our personal day to day actions such as online banking and online shopping, our children’s online lives – right through to our places of work and the very Government that protects us from ever growing global threats.

However, even within this new world dichotomy, the market has been hiding one of the worst kept secrets – the UK’s Cyber Security skills shortage is now at critical level.

Put ‘Cyber Security skills shortage’ into any search engine and you will be presented by a plethora of reports, articles and cries for help:

Cybersecurity Skills Shortage Tops Four Million – Infosecurity Magazine.com, November 2019

Digital skills shortage threatens UK Cyber Security – previous Head of the Defence Programme at techUK, March 2017

Cyber Security skills shortage near breaking point – ITPro.co.uk, November 2019

UK Businesses At Risk Due To Cyber Skills Shortage – Silicon.co.uk, November 2019

The Cyber Security skills shortage is being felt within Government organisations also, as a stream of bright minds must be constantly found to do battle against the growing ubiquitous threats on a global stage.

An obvious question is why? Why have we come to this point where there is such a Cyber Security skills shortage? I have had long conversations with many clients, Security industry leaders, respected CISOs’ and other various people at the heart of the Cyber Security industry and they all offer their thoughts and reasoning. These could be discussed and debated well into the night and all have merit. However, just one reason that seemed to be mentioned every time was the UK education system and the national curriculum.

It is obvious that we need to create the Digital workforce of tomorrow. However, it seems schools are a good few years behind this and the national curriculum is still weighted to traditional and classical topics – and not all the new skills that the UK needs. There are schools where in IT and Computing lessons, coding is an element and is actually a compulsory topic at GCSE, but these are not the majority.

In some Computing University Degree courses, Cyber Security only plays a very small part of the content, so the student has to decide to take more time and cost to study a follow up course which specialises in Cyber Security.

Due to the Cyber Skills shortage in the working world, there is then the issue of desperate companies who try to focus on recruiting ‘experienced’ technical Cyber Security candidates, in order to add instant impact at a high level, probably due to many years of non-investment in their systems, security architecture or processes. These companies sometimes neglect the need to actually grow, train and build Cyber Security teams from the ground up, who can educate companies on things like the basic human element and risks of Cyber Security – future proofing their businesses.

The list of whys goes on and is too long to list in this blog, but I am sure you will have your own thoughts.

So what can be done?

It is pleasing that there seems to be a growing movement to address this issue. We have seen various initiatives launched: The Initial National Cyber Security Skills Strategy, the creation of the National Cyber Security Centre (NCSC) and the great work it is doing, the CyberFirst programme which is helping to take the message to schools, industry organisations like TechUK and various companies who have started to offer training courses and Cyber Apprenticeships.

However, more needs to be done and quickly.

I am pleased to say that Capita is now at the forefront of this initiative through our Capita Novus Skills Development Programme and Cyber Security Academy.

Our Capita Novus programmes recruit the best, extremely bright, Computing/Cyber Degree educated graduates who we permanently employ into Capita and then further train into Cyber Security over a number of weeks. We also expose them to real live corporate projects, until they are delivering at a standard where we can deploy those employees into assignments within our client portfolio. 

The Novus employees really help our clients bridge the gap between their Permanent and Limited company Contractor workforce – providing genuine flexible talent, building their teams from within, but without the IR35 issues, AWR or contingent worker legislation.

All of our new consultants are automatically put through SC Security Clearance whilst they train with us, meaning the client does not have to delay or pay to administer this process.

Capita also takes full responsibility for that resource from admin tasks, supporting the management of their performance, objectives, mentoring by Senior Consultants and development pathways – so clients would only have to manage their workload.

Typical roles our Cyber Security stream cohorts would fill are Security Analysts, SOC Analysts, Penetration Testers, Business Analysts, Security Project Managers, Security Project Support staff to name but a few.

However, we also partner with clients to bring in specific niche and in-demand skills into your organisation, and build bespoke training courses over an agreed period to enable you to fulfil emerging skill demands, overcome current gaps and reduce workforce shortages – at the same time making sure you retained that talent, by having the option to move them to your Permanent workforce after a period of time.

Capita Plc is also delighted to partner with the CyberFirst programme, which allows us to offer CyberFirst pre, current and post graduates real industry experience within Capita and with our portfolio of clients – adding to the quality of the Capita Novus programme.

Should you also wish to discuss more high-level Cyber Security requirements or roles, you may be interested in our CISO-As-A-Service offering or our more senior Cyber Security Consultants.

Capita manages some of the most secure networks in the UK. This experience and knowledge means we can be confident of knowing the right Cyber talent and introducing that talent to our clients to have an immediate impact.

It’s 2020 – it’s time to fix the UK’s Cyber Security skills gap and Capita is helping UK PLC to do that.

#CyberSecurity #Cyber #InfoSec #Digital #Skills #Talent

Please contact me for more information:

Steve Corbett - Head of Client Solutions

Capita - People Solutions

[email protected]

Tel: 07548 711 406