The UK government recently announced plans to conduct its second audit into the state of the country’s cyber security workforce. Ipsos MORI will carry out the survey of private businesses, public sector organisations and charities which will focus on issues around the employment and training of cyber security professionals.
The audit looks to build on the findings of its first report, published last year, which revealed that more than half of all UK businesses had a “basic technical cyber security skills gap”. 51 per cent, for example, admitted they weren’t confident in carrying out a cyber security risk assessment, while 47 per cent lacked confidence in developing security policies.
The capacity for more high-level technical tasks was even more problematic, with around three in five businesses unconfident in their ability to conduct penetration testing or perform forensic analysis of their own data. The previous audit also found that just under half of all businesses felt they were insufficiently skilled to deal with a cybersecurity breach or attack.
This is particularly worrying when you consider the risks that they face. One report found that UK businesses faced an average of around 146,000 attempted attacks between April and June this year – one every 50 seconds.
The hope is that this year’s audit will find an improved situation. Otherwise, the way in which businesses recruit and train cybersecurity professionals is in urgent need of change.
Counter-productive recruitment processes
According to last year’s audit, 46 per cent of businesses write the term “cyber security” into IT job descriptions. This may prove limiting to the performance of these employees, however, and could even jeopardise an organisation’s security. After all, just as there’s no one single type of cyber-attack, there is no one single type of cyb ..
Support the originator by clicking the read the rest link below.
