The key to unlocking cyber-skills starts at school
It’s a digital future that we are sending students off into and it is paramount that we prepare them for it. One element of increasing importance is cyber-security; Stephen Jones, MD SANS Institute UK and Nordics, makes a strong case for educating students in cyber-security – bolstering their interest in it and making the school and their future a more secure digital environment
The UK is keen to be seen as a digital innovator, which is probably a smart move considering ongoing uncertainties surrounding the details and final outcome of Brexit. However, along with funding developments in areas like 5G, robotics and AI, there must also be a dedicated focus on protecting and securing the nation’s digital infrastructure. This means educating the next generation of (potential) cyber-security professionals not only on IT security but on why this is such a crucial – and rewarding – career option.
We’re already a hyper-connected society. Recent announcements regarding 5G – the next generation standard which will enable a huge number of internet of things (also known as IoT) use cases – mark another step forward in the digitalisation of things, processes, operations and interactions. This is great news, but it’s vital that innovation does not outpace IT security, which is already a costly and sizeable problem.
Securing the future of cyber skills
A recent government survey found that 43% of businesses had experienced a cyber-security breach or attack in the last 12 months. The severity of attacks – and their cost to businesses and the wider economy – vary, but without effective cyber-security measures and skilled personnel, the potential for damage is huge. It is extremely hard to quantify costs but according to Lloyds of London, a serious cyber-attack could cost the global economy more than £92bn.
Currently, it seems many businesses are doing little to address the problem; the same government report found that only 27% businesses and two in 10 charities have any formal cyber-security policy in place. Whilst organisations do have a responsibility to put policies and personnel in place, they also face a major hurdle: a lack of available people with the necessary skillsets.
Going back to school
Re-skilling and training employees on an ongoing basis can help reduce this gap, but the situation is so severe that it must be addressed at the core: cyber-security must go back to school. Most students today are highly digitally-literate. This offers the perfect foundation upon which to introduce new skills and cyber-awareness, leveraging an existing knowledge of technology.
Given the current – and growing – cyber-threat landscape, this approach should be considered a ‘must-have’ rather than ‘nice-to-have’ for any educational institution. An ‘always on’ usage of social media platforms and online accounts at home, for instance, should be complemented at school – and from an early age – by basics like password management, digital footprint and privacy settings.
Bolstering an interest in cyber-security
This needs to go one step further, however, and begin to introduce to students – and their parents and teachers – the basics of what it takes to become a cyber-security expert and to help develop an understanding of cyber-security as a cool, fun and lucrative career choice. Even for those who had never considered themselves as technically gifted.
Of course, this has the added advantage of pointing those pupils who are already playing around with hacking, in the right direction rather than them potentially drifting towards the ‘bad side’ – where they will only be contributing to the problem rather than helping to solve it.
Fortunately, this approach has had government backing. The UK’s National Cyber Security Strategy was launched in 2016 and sets out a number of initiatives aimed at improving cyber-security skills throughout the school, higher- and post-education sectors. This includes £20m of funding allocated to its Cyber Schools Programme, which is designed to give children aged 14 to 18 clear pathways into the cyber-security industry via direct contact with industry experts.
The programme was launched last year as Cyber Discovery. Aiming to tap into undiscovered cyber-security talent, Cyber Discovery provides a comprehensive cyber-security curriculum delivered through a series of online challenges and training. This allows students aged between 14 and 18 to either learn and progress outside of school hours in their own time or as part of a Cyber Discovery club. The programme takes the crucial approach of building on pupils’ existing knowledge of technology, in order to create cyber-security knowledge.
Gamification – which has been heavily integrated into the Cyber Discovery programme – is one example of a learning style which has proven successful with pupils. Twentieth-century theorists Jean Piaget and Leonard Vygotsky argued that play is a crucial component of cognitive development from birth and through adulthood; an attitude which prevails today but is perhaps under-actioned by many schools and colleges.
Given the shift towards digital gaming over the past two decades, this approach offers the perfect complement to cyber-security course content. Using personal devices to complete learning-based ‘games’ and leveraging online portals for competitions, hackathons and collaborative projects are successful methods of engaging, immersing and educating pupils in cyber-security.
This approach has even proven successful in the workplace; according to a recent report, 96% of businesses that use gamification in the workplace reported seeing benefits and almost all believe that gaming affords players the experience and skills critical to cyber-security, including logic and perseverance.
Teaching teachers, teaching children
Embarking on programmes like Cyber Discovery is great for those children with the time and resources to follow a curriculum outside of school. However, it’s also important that cyber-security education becomes an integrated part of all school curricula and budgets. Just as UK business and industry are facing a cyber skills shortage, many schools have also struggled to hire the teaching talent necessary to implement cyber education.
Almost 70% of teachers in the UK do not think they can teach code effectively to schoolchildren because of a lack of skills and teaching tools, according to research by YouGov. Almost 40% said they do not have access to the right technology software to teach coding. Coding is a crucial part of any cyber-security role, with a lack of knowledge in this area contributing to the skills gap; 44% of tech employers said coding faced the biggest skills gap, while 60% of employers said coding will be one of the most important skills for entry-level tech employees.
Funding the foundations
Again, several pledges have been made to support school leaders in attracting and retaining teaching talent. As part of the 2017 Autumn Budget, £84m was committed to upskilling computer science teachers, which was followed by an announcement in May this year that the National Centre of Computing Education, along with 40 schools across the UK, will be part of a programme to train up to 8,000 computing teachers on digital skills. The 40 Cyber Schools Hubs will host events, trial cyber security content, develop new ways of engaging pupils and build educational resources for teachers.
Stimulating and sustaining growth in the cyber security sector will take a collaborative, nationwide approach. Government funding, appropriate allocation of school budget, and backing from industry bodies and tech companies are all required to help train teachers, and to educate schoolchildren. As well as unlocking career opportunities in cyber-security, equipping pupils with IT skills will allow them to safely navigate our digital world – for the benefit of themselves, and the wider UK economy.
Industry: Cyber Security News
- IAM Product/ Project Manager
- Upto €80,000 plus benefits
IAM product/project manager is need for this expanding service provider to help develop their IAM (CIAM) strategy roadmap. This role will have two main functions, to work between the front end digital team and the backend IAM development team to ensure that the current deployment of the solution runs smoothly and is fit for purpose, the Second function is to look at the business’ future digital offerings and to understand how the IAM/CIAM solution will develop with the new digital strategy, you will be looking at the future technology and the ensuring the IAM solution is fit for purpose. The business is an agile environment and you will require agile experience. This is a great opportunity to help shape a key product within the future digital strategy of this expanding service provider. We are looking for someone with both IAM and strong product management experience Project management experience would be beneficial. If you are interested speak to Robert Anderton on 0044 (0) 7957 493501 and he will be able to discuss the role in more details IAM product/project manager is needed for this expanding service provider to help develop their IAM (CIAM) strategy roadmap. This role will have two main functions, to work between the front end digital team and the backend IAM development team to ensure that the current deployment of the solution runs smoothly and is fit for purpose, the second function is to look at the business’ future digital offerings and to understand how the IAM/CIAM solution will develop with the new digital strategy, you will be looking at the future technology and the ensuring the IAM solution is fit for purpose. The business is an agile environment and you will require agile experience. This is a great opportunity to help shape a key product within the future digital strategy of this expanding service provider. We are looking for someone with both IAM and strong product management experience Project management experience would be beneficial. If you are interested then speak to Robert Anderton on 0044 (0) 7957 493501 and he will be able to discuss the role in more details
- Cyber Incident Manager, Proactive planning and management. SC
Cyber Incident Manager, Proactive planning and management. Cyber incident Manager needed to join a large and complex business to help them prepare for a cyber related incidents. SC clearance will be required. Current or the ability to achieve. This role does not require specific current hands on technical Incident response experience, but this background would give a distinct advantage. The role has two key functions: to help the business prepare for an event and to steer them through when / if that happens. The Cyber Incident response managers role will include, but not be limited to; working with internal stakeholders to develop a security incident management plan along with its and supporting policies. Developing plans and implementing strategies on how incidents are detected, reported, assessed and responded to. Engaging with leadership teams both internal and external, proactively mapping out this large business to identify and engage the various other stakeholders and their teams. Build out and document incident scenarios and their processes, ensure incident management procedures are updated, playbooks and key training etc. You should have experience working with both internal teams and external suppliers. The role will also focus on liaising with the various teams to ensure the security incident response plan is delivered effectively. CCIM, GCIH, CIPR (NCSC-Certified Cyber Incident Planning & Response) Looking to interview immediately.
- SOC Manager. SC Clearance. Immediate opportunity.
Permanent SOC Manager. SC cleared / clearable, London / Birmingham. SOC Manager needed to replace a SOC contractor I placed into a client who is due to complete their assignment at the end of March. The ability to achieve SC clearance is essential. Looking for someone that is a blend of strategic stakeholder engagement with strong technical skills. The role will sit in a relatively new SOC environment. The position is to setup, implementation and management of resources to help with the initial and on-going stages of a new SOC. Experience engaging with and managing client stakeholder relationships as well as 3rd party relationships is critical. The role will involve; setting up, implementing and fine tuning the various initial stages of a SOC environment. Experience establishing and building out technical process / operational capability, managing of technical teams (analysts, engineers and architects, creation of policy / playbooks, fine turning is key. SPLUNK is the tooling of choice… Interviewing immediately. Set up a call with me today on https://calendly.com/chris-holt/arranged-call-with-chris-holt-soc-manager-role Direct contact details Chris.Holt@dclsearch.com or 07884666351
- Security engineer. Financial Services. UK. Permanent
CH7863 Security engineer. End User . Financial Services Security Engineer needed to monitor and manage a security suite of tools within an End User environment. The Security Engiener will be responsible monitoring, configuring, fine tuning, incident management and generally improving the security tool capability. Specific experience with CyberArk, Tripwire Log Center and Tripwire Enterprise is highly desirable). Current experience with Vulnerability management and penetration testing is highly desirable. Specifically the ability to effectively manage 3rd party pen tests. You will be working within a specialist security team reporting to the CISO. Experience working within an end user environment within financial services is highly desirable. Flexible location. This is an exclusive role to DCL Search & Selection. To book a call please use my Calendy link https://calendly.com/chris-holt/arranged-call-with-chris-holt-soc-role-