The key to unlocking cyber-skills starts at school
It’s a digital future that we are sending students off into and it is paramount that we prepare them for it. One element of increasing importance is cyber-security; Stephen Jones, MD SANS Institute UK and Nordics, makes a strong case for educating students in cyber-security – bolstering their interest in it and making the school and their future a more secure digital environment
The UK is keen to be seen as a digital innovator, which is probably a smart move considering ongoing uncertainties surrounding the details and final outcome of Brexit. However, along with funding developments in areas like 5G, robotics and AI, there must also be a dedicated focus on protecting and securing the nation’s digital infrastructure. This means educating the next generation of (potential) cyber-security professionals not only on IT security but on why this is such a crucial – and rewarding – career option.
We’re already a hyper-connected society. Recent announcements regarding 5G – the next generation standard which will enable a huge number of internet of things (also known as IoT) use cases – mark another step forward in the digitalisation of things, processes, operations and interactions. This is great news, but it’s vital that innovation does not outpace IT security, which is already a costly and sizeable problem.
Securing the future of cyber skills
A recent government survey found that 43% of businesses had experienced a cyber-security breach or attack in the last 12 months. The severity of attacks – and their cost to businesses and the wider economy – vary, but without effective cyber-security measures and skilled personnel, the potential for damage is huge. It is extremely hard to quantify costs but according to Lloyds of London, a serious cyber-attack could cost the global economy more than £92bn.
Currently, it seems many businesses are doing little to address the problem; the same government report found that only 27% businesses and two in 10 charities have any formal cyber-security policy in place. Whilst organisations do have a responsibility to put policies and personnel in place, they also face a major hurdle: a lack of available people with the necessary skillsets.
Going back to school
Re-skilling and training employees on an ongoing basis can help reduce this gap, but the situation is so severe that it must be addressed at the core: cyber-security must go back to school. Most students today are highly digitally-literate. This offers the perfect foundation upon which to introduce new skills and cyber-awareness, leveraging an existing knowledge of technology.
Given the current – and growing – cyber-threat landscape, this approach should be considered a ‘must-have’ rather than ‘nice-to-have’ for any educational institution. An ‘always on’ usage of social media platforms and online accounts at home, for instance, should be complemented at school – and from an early age – by basics like password management, digital footprint and privacy settings.
Bolstering an interest in cyber-security
This needs to go one step further, however, and begin to introduce to students – and their parents and teachers – the basics of what it takes to become a cyber-security expert and to help develop an understanding of cyber-security as a cool, fun and lucrative career choice. Even for those who had never considered themselves as technically gifted.
Of course, this has the added advantage of pointing those pupils who are already playing around with hacking, in the right direction rather than them potentially drifting towards the ‘bad side’ – where they will only be contributing to the problem rather than helping to solve it.
Fortunately, this approach has had government backing. The UK’s National Cyber Security Strategy was launched in 2016 and sets out a number of initiatives aimed at improving cyber-security skills throughout the school, higher- and post-education sectors. This includes £20m of funding allocated to its Cyber Schools Programme, which is designed to give children aged 14 to 18 clear pathways into the cyber-security industry via direct contact with industry experts.
Cyber Discovery
The programme was launched last year as Cyber Discovery. Aiming to tap into undiscovered cyber-security talent, Cyber Discovery provides a comprehensive cyber-security curriculum delivered through a series of online challenges and training. This allows students aged between 14 and 18 to either learn and progress outside of school hours in their own time or as part of a Cyber Discovery club. The programme takes the crucial approach of building on pupils’ existing knowledge of technology, in order to create cyber-security knowledge.
Gamification – which has been heavily integrated into the Cyber Discovery programme – is one example of a learning style which has proven successful with pupils. Twentieth-century theorists Jean Piaget and Leonard Vygotsky argued that play is a crucial component of cognitive development from birth and through adulthood; an attitude which prevails today but is perhaps under-actioned by many schools and colleges.
Given the shift towards digital gaming over the past two decades, this approach offers the perfect complement to cyber-security course content. Using personal devices to complete learning-based ‘games’ and leveraging online portals for competitions, hackathons and collaborative projects are successful methods of engaging, immersing and educating pupils in cyber-security.
This approach has even proven successful in the workplace; according to a recent report, 96% of businesses that use gamification in the workplace reported seeing benefits and almost all believe that gaming affords players the experience and skills critical to cyber-security, including logic and perseverance.
Teaching teachers, teaching children
Embarking on programmes like Cyber Discovery is great for those children with the time and resources to follow a curriculum outside of school. However, it’s also important that cyber-security education becomes an integrated part of all school curricula and budgets. Just as UK business and industry are facing a cyber skills shortage, many schools have also struggled to hire the teaching talent necessary to implement cyber education.
Almost 70% of teachers in the UK do not think they can teach code effectively to schoolchildren because of a lack of skills and teaching tools, according to research by YouGov. Almost 40% said they do not have access to the right technology software to teach coding. Coding is a crucial part of any cyber-security role, with a lack of knowledge in this area contributing to the skills gap; 44% of tech employers said coding faced the biggest skills gap, while 60% of employers said coding will be one of the most important skills for entry-level tech employees.
Funding the foundations
Again, several pledges have been made to support school leaders in attracting and retaining teaching talent. As part of the 2017 Autumn Budget, £84m was committed to upskilling computer science teachers, which was followed by an announcement in May this year that the National Centre of Computing Education, along with 40 schools across the UK, will be part of a programme to train up to 8,000 computing teachers on digital skills. The 40 Cyber Schools Hubs will host events, trial cyber security content, develop new ways of engaging pupils and build educational resources for teachers.
Stimulating and sustaining growth in the cyber security sector will take a collaborative, nationwide approach. Government funding, appropriate allocation of school budget, and backing from industry bodies and tech companies are all required to help train teachers, and to educate schoolchildren. As well as unlocking career opportunities in cyber-security, equipping pupils with IT skills will allow them to safely navigate our digital world – for the benefit of themselves, and the wider UK economy.
Source edexec
Industry: Cyber Security News
Latest Jobs
-
- Data Privacy Lead. Client Facing London. Permanent.
- London
- N/A
-
Data Privacy Lead. Client Facing London. Permanent. London based client facing. Must be eligible to undergo UK Security Clearance (SC) Key Responsibilities: Lead and support client facing data privacy projects. Assess compliance, define and deliver strategic projects / implement privacy solutions. Manage project teams and develop business opportunities. Required Experience: Experience in data protection and privacy standards. Background in consulting. Skills and Qualifications: Business consulting experience IAPPPrivacy Manager / Privacy Technologist Location Greater London UK based role. Not able to provide VISA sponsorship.
-
- VOIP / SIP App Developer. Contract. SIP | VOIP experience needed. SC Cleared Outside IR35 Contract. London
- London
- OUTSIDE IR35
-
SIP | VOIP Developer. SC Cleared Contract. London Looking for a SC Cleared SIP / VOIP Developer to develop an application that interacts with a set of voice and video signalling API’s You will also work on developing in-house applications, browser plugins and automated tooling to support secure communication systems. Responsibilities Develop an application that will manage number mapping and associated identities using commercial SBC API’s. Develop new user-facing features using React.js or other modern JavaScript frameworks. Build reusable components and front-end libraries for future use. Collaborate with the design team to translate UI/UX design wireframes into code. Work closely with backend developers to integrate front-end code with server-side logic. Conduct code reviews and provide constructive feedback to team members. Stay up-to-date on emerging technologies and industry trends to continuously improve our front-end development practices. Troubleshoot and debug issues that arise during development and in production environments. Maintain high coding standards and practices and ensure code is well-documented. Requirement Experience of developing specialist applications using REST API’s. Good knowledge of Go, Java and Python (open to alternative combinations of languages). Proficiency in front-end languages and frameworks such as HTML, CSS, JavaScript, React.js, etc. Strong understanding of web standards, responsive design, and cross-browser compatibility. Experience with version control systems such as Git. Knowledge of RESTful APIs and asynchronous request handling. Familiarity with UI/UX design principles and tools.
-
- Senior Data Privacy Consultant. Client Facing | London
- London
- N/A
-
Senior Data Privacy Consultant. Client Facing | London Senior Data Privacy Consultant needed for a key client facing opportunity. Must be willing to undergo SC Security Clearance. Hybrid role- onsite with customer / office 2-3 days a week. London Key Responsibilities: Lead and support client facing data privacy projects. Assess compliance, define and deliver strategic projects / implement privacy solutions. Manage project teams and develop business opportunities. Required Experience: Experience in data protection and privacy standards. Background in consulting. Skills and Qualifications: Business consulting experience IAPP Privacy Manager / Privacy Technologist Location Greater London UK based role. Not able to provide VISA sponsorship.
-
- Security Analyst - Internal role. London commutable. Permanent
- London
- N/A
-
Security Analyst - Internal role. London commutable opportunity. Operational Security - Investigate, escalate and proactively work to ensure household name remains protected. Project Security - Coordinate, log change requests with project delivery teams to meet security requirements Policy / compliance - work with team to aid in uplifting these as and where needed This role is role to investigate, escalate and proactively work to protect a globally recognised brand. You must have current hands on operational analytical security experience with Microsoft technology stack Someone with a SOC Analyst / security engineering background would be well suited. This position will join a small team and would suit someone that has broad experience across the security threat landscape. Experience / knowledge across industry GRC standards such NIST, ISO27001 etc very advantageous and a priority. You will work across multiple teams proactively working to secure the business. Must be able to commute to Central London 3 days a week. Visa sponsorship not available Apply today to find out more.