The skills gap, an existential threat? (Guest blog by BT)
The Cyber Skills gap is real, significant and affecting all organisations big and small. Finding ways to make the most of scarce human resources is an absolute necessity. We have to constantly evolve how we engage with and support people inside and outside our industry. For security organisations, we have to create the conditions that allow new and innovative ways of thinking – and we can only do this by increasing diversity in security. Diversity isn’t just a ‘nice to have’ or a moral responsibility – it’s absolutely existential to our industry. The cyber threats that we face are constantly changing, and we won’t be able to respond to them in the future without a far wider range of views and perspectives.
It’s therefore essential that we keep innovating in how we remove barriers and create pathways to attract a wider range of people into security careers. This is a view we share with the NCSC, who’ve done great work on this via initiatives like CyberFirst, which we were delighted to be named as one of the lead partners last year. At BT more specifically, we’re doing this by tailoring our recruitment processes to ensure the language in our job descriptions doesn’t contain any gender bias through to creating representative interview panels and removing interview questions that aren’t targeted at relevant skills and might bias against neuro-divergent individuals.
These may seem like relatively straightforward tweaks, but together they can make a huge difference in how people look at jobs and progress through recruitment processes. We also need to provide clearer routes for people with transferable skills to be trained into cyber careers. For example, we know that many people believe that training to begin a cyber career will be too technical, time-consuming or expensive, so we need to find ways to challenge that perception. That’s why we recently began an industry-first partnership with CAPSLOCK, covering the fees and salaries of a group of BT employees to reskill them into security roles from other areas.
We also know that not only do many people not perceive security as a career for them, but also something that’s too technical or scary for them to do anything about in their daily lives.
Security is not an industry problem that can be solved in isolation – it’s something that touches every area of society, and which needs to encompass everything from the basics of using digital tools and spotting online misinformation, through to complex cyber solutions. We therefore have to constantly innovate in how we support the Whole of Society, in order to build our collective resilience and level up the UK’s cyber capability.
This means taking every possible approach to explaining security and the fundamental steps that everyone could and should take to protect themselves. That’s why BT has been a keen supporter of the NCSC’s Cyber Aware programme, and we also provide a range of free training and advice to provide everyone with digital skills.
We also share the NCSC’s commitment to protecting UK businesses of all sizes, and providing them with the skills and understanding of how to secure themselves. Recent BT research found that thousands of the UK’s smallest firms have little or no cyber protection, with the majority of those firms believing their business isn’t big enough to be targeted by cyber criminals.
We know that being a smaller business doesn’t make you any less of a target for cyber criminals. That’s why we recently launched a number of new security products specifically tailored for the resources and requirements of UK SMEs.
Rather than responding reactively to threats, a more sustainable approach is to start unlocking and sharing any developments that will enable us all to get ahead of the next attack. The focus needs to be on building a collective resilience to improve our cyber capabilities globally. In particular, both government and industry should have an active role in helping all areas of society understand the part they play in remaining secure and educating individuals about the steps they can take.
Help to shape and govern the work of techUK’s Cyber Security Programme
Did you know that nominations are now open* for techUK’s Cyber Management Committee? We’re looking for senior representatives from cyber security companies across the UK to help lead the work of our Cyber Security Programme over the next two years. Find out more and how to nominate yourself/a colleagues here.
*Deadline to submit nomination forms is 17:00 on Tuesday 18 October.
Upcoming events
Get involved
All techUK's work is led by our members - keep in touch or get involved by joining one of the groups below.
Authors
