UK Could Lead The World In Tackling Cyber Threats As Rapid Change Leaves "Huge Scale" Gaps
The National Cyber Security Centre is a governmental department which provides advice, guidance and support on cyber security to industry (Alamy)
6 min read
There is an opportunity for the UK to become a "world leader" in closing the gaps in cyber security employment, according to a new report which outlines how governments and businesses are struggling globally to keep up with fast changes in technology.
A report by the Royal United Services Institute (RUSI) international security and defence think tank has reviewed the recent cybersecurity legislation and regulations of the UK, the US, Canada, Singapore, Japan, and the EU – seen as the six major jurisdictions in the world.
The RUSI, which is launching the report at an event in parliament on Wednesday evening, identified a worldwide shortage of cybersecurity personnel, with governments competing globally for this workforce.
Describing the UK as “a highly capable cyber state” with an ambitious national goal of becoming a “cyberpower”, the report highlighted the UK’s “whole of society approach” to cyber policy which links cyber strategy to education, industry, and foreign policy.
Clare Rosso, CEO of (ISC)² – a non-profit organisation which sponsored the report by RUSI and specialises in the training of cybersecurity professionals – told PoliticsHome that there is an opportunity for the UK to become a "world leader" in this area but it must share its best practices "openly and transparently" to ensure international cooperation.
“We think this is an opportunity to be a world leader," she said.
"The UK can help to be a leading voice in the global standardisation of best practice.”
In March 2021, the then Department for Digital, Culture, Media and Sport set up the UK Cyber Security Council as a new independent body to oversee the UK government’s plan to "make Britain secure and resilient in cyberspace".
Describing this as an example of where the UK has excelled in cyber strategy, Rosso said any findings from the council should be "openly and transparently shared” with other nations to boost international cooperation in the industry, and also stressed that diversity in recruitment is important.
"Cyber threats are rapidly evolving," Rosso said.
"As a nation you will be more successful at problem solving with a diverse team doing that problem solving.”
Ahead of the event in parliament, the (ISC)² CEO added: “It is important for [parliamentarians] to hear what we found.
"We need to ensure they know what other global players are doing and how the UK can take on a leadership role."
She emphasised the need to improve skills “at a huge scale” and that nations such as the UK need to think about how they will train "hundreds and thousands" of individuals in this area in the near future.
To achieve the UK government's cyber goals, the report outlined that a more “diverse and technically skilled workforce” is needed in the industry, which goes beyond gender imbalance and also addresses the need for greater regional diversity.
London and the southeast of England employ nearly half of all UK cyber-security professionals, so the UK government has funded 12 ‘cyber clusters’ across England, Wales, Scotland and Northern Ireland, to encourage cooperation between local private and public sectors.
The report recognised that recent trends and global events, such as the Covid-19 pandemic and increased digitalisation, have caused an imbalance in the number of workers needed to fulfil the skills in the cyber industry.
Governments across the world have introduced a range of initiatives to respond to such shortages, but the report highlighted that there is a lack of research on whether these schemes are effective, particularly on how to reduce gaps between education and the demands of industry.
Nick Smith, the MP for Blaenau Gwent – the area found to be the most deprived in Wales by the Welsh Index of Multiple Deprivation – said he would "strongly support" the report's findings that the UK could become a world leader in closing the global cyber security workforce gap.
Last year, Smith helped to set up a 'Cyber Hub' in a college in his constituency to train up young people to enter the cyber security industry.
"Local people from Blaenau Grant who work for for Fujitsu in the Heathrow area said we just can't get staff," he told PoliticsHome, explaining how realised there was a employment gap that young people in his constituency could fill.
"The course has come on leaps and bounds. I’m trying to support the sector and trying to get local youngsters good careers in it. And it's really taken off in Blaenau Gwent," he continued.
"Given the critical nature of this workforce to our economy, and to our security, we've got to try and do this quickly and at scale. So there's an issue of encouraging other colleges in other places.
"I've been in discussions with DCMS officials in recent years about promoting much better broadband quality rollout across our country because in Blaenau Gwent it's harder to get good broadband because we are not major city or town and off the M4 corridor, but it's really important for regional development and addressing income inequalities to provide good broadband so that young people can get opportunities in these new sectors."
The RUSI report also found that across the world, there has been a trend towards more interventionist policies rather than voluntary standards for tech firms, citing the UK’s 2016 cyber strategy as an example of this.
Calling for international cooperation on cyber regulation that is “proactive rather than reactive”, the RUSI warned that without international guidelines, tech firms could enter markets with a "wild west" mentality.
The report stated that cyber threats can only be tackled internationally as they operate “without borders”.
It also highlighted a broader theme that big tech must take a big role in cyber security ecosystems, with a need for firms like Meta and TikTok to be transparent about their security and privacy efforts.
A wide range of threats facing the UK were identified in the National Cyber Security Centre’s 2022 Annual Review, including ransomware attacks and other types of cybercrime, and threats posed by state actors in cyberspace.
Science, Innovation and Technology Michelle Donelan said: "Protecting the UK's digital economy is our top priority, which is why our National Cyber Strategy, backed by £2.6billion, has a clear focus on deterring and disrupting cyber adversaries, protecting supply chains and infrastructure and advancing the secure use of digital technologies.
"This comes on top of action to strengthen our cyber security laws, which includes world-first legislation to protect consumers' 'smart' devices."
Minister of State, Baroness Neville-Rolfe DBE CMG, who is speaking at the parliament event tonight, said: “This new report highlights the significant cyber challenges facing governments across the world, but with great challenge comes great opportunity.
"As part of the National Cyber Strategy, we are already working closely with industry to ensure there is a diverse and sustainable supply of cyber security professionals to meet the demands of our increasingly digital economy.
"However, we recognise that achieving cyber resilience requires collaboration, and that means working with a wide range of international partners to take collective action."
PoliticsHome Newsletters
PoliticsHome provides the most comprehensive coverage of UK politics anywhere on the web, offering high quality original reporting and analysis: Subscribe
