Yesterday it was revealed that some 15 per cent of businesses have faced a cyber attack in the past year, with the EU taking the worst of the £200bn a year global hit. With such a phenomenal amount of money at stake each year, how can businesses help to slash these figures in the future?
The issue of cyber attacks isn’t just one for the here and now. Although it is, of course, important, to deal with the imminent threat, there is a critical need to look at the bigger picture and think about tomorrow.
When it comes to policy and practice, simple steps could be taken by organisations to protect themselves from attack. Ed Vaizey spoke just yesterday, urging companies to sign up to the UK government’s cyber essentials scheme, designed to help businesses get to grips with the basics of cyber security.
However, when we look to the longer term, the problem may lie beyond technology.
Some one in five companies struggle to deal with a cyber security breach due to lack of staff, according to the (ISC)². With a shortfall of over 1.5m cyber security workers expected by 2020, it is critical to our national security that we work to tackle this problem as soon as possible.
The cyber security industry has a long-standing issue with recruitment; many have outdated preconceptions of the industry: geeks in darkened rooms shying away from the world or of screens full of code that they can’t begin to understand. While both of those have their part to play – the world of cyber has changed phenomenally and with the development of new technologies, methods and ideas, the need for a wider pool of talent continues to grow.
The industry is now open to individuals from fields as diverse as psychology, mathematics, criminology, and business management - a mix of personalities is critical to deliver all aspects of cyber.
It’s no good being able to solve a technical issue but not be able to justify to the board why you need money for a specific solution to get you there. The effects are being seen in more and more departments across the business. Clearswift found recently that 76 per cent of employees believe it’s time HR stepped up and became more involved in, and familiar with, cyber security as it impacts how we protect sensitive information and business reputation.
So how can we attract new talent? There are a number of initiatives in the UK designed specifically to find and recruit new talent to the cyber security field. This includes intensive cyber courses run by the likes of information security experts – the SANS Institute; sponsorship and training opportunities such as GCHQ’s Cyber First scheme, and Cyber Security Challenge UK’s national programme of competitions.
These initiatives address the chronic shortage of cyber security professionals and appeal to a wider audience in new and innovative ways, to defend the UK against this ever-growing issue of national security.