careers Archives - Security IT Summit | Forum Events Ltd
  • Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

careers

Huge leap in girls learning cyber security skills

960 640 Stuart O'Brien

The number of girls looking to learn new cyber security skills has surged this summer after courses went online for the first time.

The National Cyber Security Centre (NCSC) confirmed that the number of young people taking part in this year’s CyberFirst summer courses rose to a record-breaking 1,770 after they moved from the classroom to online.

And while the number of applications from boys saw a significant 31% rise, it was the increase in the number of girls applying which really caught the eye – rising by a massive 60% on 2019.

CyberFirst aims to ensure greater diversity in the next generation of cyber security specialists, and the summer courses offer 14 to 17-year-olds the chance to learn about digital forensics, ethical hacking, cryptography and cyber security challenges.

The new figures come one month after the NCSC pledged to take action to improve diversity and inclusion in the cyber security sector, as just 15% of the UK’s cyber security workforce are women and 14% of employees are from ethnic minority backgrounds.

Chris Ensor, NCSC Deputy Director for Cyber Growth, said: “I’m delighted to see that more young people are exploring the exciting world of cyber security, and it’s especially encouraging to see such a level of interest from girls.

“Our online courses have provided new opportunities for teenagers of all backgrounds and we are committed to making cyber security more accessible for all.

“Ensuring a diverse talent pipeline is vital in keeping the UK the safest place to live and work online, and CyberFirst plays a key role in developing the next generation of cyber experts.”

Digital Infrastructure Minister Matt Warman said: “It’s great to see so many young people taking part in the CyberFirst summer courses. These fantastic experiences give teenagers an insight into the exciting and varied careers on offer in cyber security.

”We want our cyber sector to go from strength to strength, so it is vital we inspire the next generation of diverse talent to protect people and businesses across the country.”

This year 670 more places were made available for the CyberFirst summer courses. The number of boys applying rose from 1,824 in 2019 to 2,398 this year, while for girls it went from 930 to 1,492 over the same period.

The annual initiative is offered at three levels: CyberFirst Defenders (for those aged 14–15), CyberFirst Futures (15–16), CyberFirst Advanced (16–17) – all aimed at helping pupils develop digital and problem-solving skills and introduce them to the cyber threat landscape.

This autumn, pupils interested in cyber security and computer science can look forward to a whole raft of opportunities from CyberFirst, as part of its ongoing commitment to inspire the next generation of cyber talent.

Other CyberFirst programmes include:

  • CyberFirst bursaries and apprenticeship schemes, which offer financial help for university-goers and paid summer work placements with over a hundred organisations to kickstart careers in cyber security. Applications are now live.
  • Empower Digital Cyber Week (9th-13th November), where students can watch and join online cyber sessions given by speakers in academia, industry and government.
  • The annual CyberFirst Girls competition, open to teams who want a fun and challenging opportunity to test their cyber skills in a bid to be crowned the UK’s top codebreakers. Registrations for the 2020-21 Girls Competition open on 30th November. More details about this year’s competition can be found on the NCSC’s website.
  • The government’s online cyber skills platform Cyber Discovery launched its latest intake in June and has already attracted over 13,500 students, with more than a third of registrations from female students. The programme, for 13-18 year olds, is a free and fun way for teens to develop cyber security skills. Students can register to join here: https://joincyberdiscovery.com/

Solving the data centre skills shortage

960 640 Stuart O'Brien

By Stephen Whatling, Chairman at BCS

The growth in demand for data centres worldwide has posed many challenges in recent years and this has now been expedited by the Covid-19 pandemic. Following a major uplift in demand for data services since March, the need for a resilient data infrastructure has never been greater.

However, this year BCS’ independent survey shows an increase in concern about the availability of design and build staff with an 11% rise, to 75%, of respondents believing there is an inadequate supply of skilled labour. The same independent BCS survey shows that 90% of those involved in the design and construction of data centres believe there is a dearth of both design and build personnel.

As the confusion regarding exam results and the subsequent issues with university places continues to test the education system, it is a growing concern for the future supply of resources skilled in the design and build of data centres.  It is then perhaps no surprise that for the second survey running, greater industry engagement with educators is ranked as the top factor to address this identified skills shortage. This is particularly important given the tremendous competition for suitably qualified STEM staff from a wave of different technology sectors across the wider economy. Early engagement with the industry at the educational level is needed to encourage the next generation of potential datacentre professionals through providing clear routes to jobs and career advancement that exist in many of the competing industries.

Better on the job training and improved or greater incentives for apprenticeships also ranked highly in the survey as  respondents acknowledged the positive impact that the education sector and businesses working in partnership can have in developing home-grown resources.  At BCS we believe that the expansion of apprenticeship places is vital to the success of the generation of UK based skills.  This year we had over 200 applicants for the apprentice and graduate scheme we operate in partnership with London Southbank University which provides funded places and, alongside studies, enables the apprentices to access every aspect of the BCS business.

From this year’s intake, Imogen Paton is enrolled on a Quantity Surveying Degree Apprenticeship at London Southbank University and will be sharing her time between studying there and getting some great practical experience with BCS over the next five years. Imogen said: “I am really looking forward to this opportunity to grow and work with both a great company and great university and can’t wait to get started!”

Many businesses might think that taking on an apprentice during the current pandemic will not bear fruit but that is not necessarily the case.  Yes, it can be harder and will require a little more care and attention but the right candidates will learn some invaluable skills during these strange times.

Ben Chappell, a BCS Apprentice Consultant from London Southbank University says he will “definitely take a new sense of confidence in working independently back to the office when the lockdown is over.”

“I’ve been balancing client tasks with Southbank University work successfully, which has given me assurance that my routine is productive. One of the lessons for my industry is that we now know that a significant amount of work can be done remotely if the circumstances require it. However, I am also very much aware of the importance of social interaction for both the office teams and client relations and I’m looking forward to getting back on site,” he said.

It is also worth remembering that the survey was undertaken at the beginning of the UK lockdown, before the length of the lockdown and subsequent travel restrictions could be fully understood.  Despite the timing, almost three-quarters of respondents believed that shortages amongst data centre operational staff was already making it increasingly difficult to run facilities well. It is now clear that the difficulties associated with international travel such as the lack of availability of flights and hotel rooms or the more recent focus on quarantine rules has made it even more difficult for the roving teams of design, build and maintenance engineers to do their jobs efficiently.  These teams are, of course, essential workers and not subject to the quarantine rules but travel, and life in general, is more difficult now, and as a result less productive.  This will mean that even more skilled engineers are required to support the existing infrastructure.

Meeting the demands for greater capacity was an issue before Covid-19 with 74% seeing higher labour costs, 55% using increased outsourcing and almost 50% seeing delays due to the shortage of available skills.  It is likely these numbers will be even higher next year. We should also take note of the likely impact of Brexit and any future immigration policy.  It is vital that any future policy recognises the importance of the data centre industry in the UK and supports it with favourable access for the skilled workers that will be needed in order to meet the existing demand. 

In conclusion, the demand for UK based data centres currently outstrips supply, smart working and automated processes, and a focus on education alongside investment and support from the Government, is required sooner rather than later to ensure the UK capitalises on this opportunity.

Mind the gap: Upskilling cyber security teams

960 640 Guest Post

By Matt Cable, VP Solutions Architects & MD Europe, Certes Networks, is of interest at all?

At the end of 2019, it was reported that the number of unfilled global IT security positions had reached over four million professionals, up from almost three million at the same time the previous year. This included 561,000 in North America and a staggering 2.6 million in APAC. The cyber security industry clearly has some gaps to fill.

But it’s not just the number of open positions that presents an issue. Research also shows that nearly half of firms are unable to carry out the basic tasks outlined in the UK government’s Cyber Essentials scheme, such as setting up firewalls, storing data and removing malware. Although this figure has improved since 2018, it is still far too high and is a growing concern. 

To compound matters, the disruption of COVID-19 this year has triggered a larger volume of attack vectors, with more employees working from home without sufficient security protocols and cyber attackers willingly using this to their advantage.

Evidentially, ensuring cyber security employees and teams have the right skills to keep both their organisations and their data safe, is essential. However, as Matt Cable, VP Solutions Architects & MD Europe, Certes Networks explains, as well as ensuring they have access to the right skills, organisations should also embrace a mindset of continuously identifying – and closing – gaps in their cyber security posture to ensure the organisation is as secure as it can be.

Infrastructure security versus infrastructure connectivity

There is a big misconception within cyber security teams that all members of the team can mitigate any cyber threat that comes their way. However, in practice this often isn’t the case. There is repeatedly a lack of clarity between infrastructure security and infrastructure connectivity, with organisations assuming that because a member of the team is skilled in one area, they will automatically be skilled in the other. 

What organisations are currently missing is a person, or team, within the company whose sole responsibility is looking at the security posture; not just at a high level, but also taking a deep dive into the infrastructure and identifying gaps, pain points and vulnerabilities. By assessing whether teams are truly focusing their efforts in the right places, tangible, outcomes-driven changes can really be made and organisations can then work towards understanding if they currently do possess the right skills to address the challenges. 

This task should be a group effort: the entire IT and security team should be encouraged to look at the current situation and really analyse how secure the organisation truly is. Where is the majority of the team’s time being devoted? How could certain aspects of cyber security be better understood? Is the current team able to carry out penetration testing or patch management? Or, as an alternative to hiring a new member of the team, the CISO could consider sourcing a security partner who can provide these services, recognising that the skill sets cannot be developed within the organisation itself, and instead utilising external expertise.

It’s not what you know, it’s what you don’t know

The pace of change in cyber security means that organisations must accept they will not always be positioned to combat every single attack. Whilst on one day an organisation might consider its network to be secure, a new ransomware attack or the introduction of a new man-in-the-middle threat could quickly highlight a previously unknown vulnerability. Quite often, an organisation will not have known that it had vulnerabilities until it was too late. 

By understanding that there will always be a new gap to fill and continuously assessing if the team has the right skills – either in-house or outsourced – to combat it, organisations can become much better prepared. If a CISO simply accepts the current secure state of its security posture as static and untouchable, the organisation will open itself up as a target of many forms of new attack vectors. Instead, accepting that cyber security is constantly changing and therefore questioning and testing each component of the security architecture on a regular basis means that security teams – with the help of security partners – will never be caught off guard. 

Maintaining the right cyber security posture requires not just the right skills, but a mindset of constant innovation and assessment. Now, more than ever, organisations need to stay vigilant and identify the gaps that could cause devastating repercussions if left unfilled.