Unpacking the government’s new cyber security strategy
The government’s much-vaunted National Cyber Security Strategy launched earlier this month, with £1.9 billion set aside to strengthen the country’s defences against malicious attacks.
The initiative is a follow-up to a similar scheme the government introduced five years ago, but the ever-increasing threat of cyber criminals means funding has more than doubled from the original £860 million provided in 2011.
So what are the objectives of the new strategy? What changes can we expect? And how will this new investment in cyber security affect the recruitment market?
Let’s take a closer look at what the government has in store for cyber security over the coming years.
The importance of cyber security
Chancellor Philip Hammond introduced the strategy on November 1st, claiming it would be essential for protecting the British economy and citizens against unscrupulous cyber criminals.
Citing the World Economic Forum’s 2016 Global Risks Report, the government noted that cyber crime costs businesses $445 million (£355 million) a year. Meanwhile, the government’s own figures showed two-thirds of large organisations admitted suffering a breach or attack over the last 12 months.
The most costly attack found across more than 1,000 businesses set the company back £3 million, with 69 per cent of respondents saying cyber security is now a high priority for senior executives.
Mr Hammond highlighted various areas of concern, including legacy IT systems, an increase in connected devices that can be exploited and a lack of cyber security training and skills.
“No longer the stuff of spy thrillers and action movies, cyber attacks are a reality and they are happening now. Our adversaries are varied – organised criminal groups, ‘hacktivists’, untrained teenagers and foreign states,” said Ben Gummer, minister for the Cabinet Office and Paymaster General.
The National Cyber Security Strategy is designed to combat these problems with a three-pronged approach.
Deter, defend and develop
There are three key areas of funding in the strategy to ensure the UK is well prepared for increasingly sophisticated cyber attacks.
Deterrence: The government wants to aggressively pursue cyber criminals through new law enforcement measures, as well as building international partnerships to protect against threats from outside the UK.
This year, 50 specialist cyber crime investigators and technical specialists will be recruited to join the National Cyber Crime Unit in an effort to strengthen the team’s national and international capabilities.
Defence: According to the government, significant investment will be made into strengthening its own defences, while also providing crucial advice to stop organisations from falling victim to cyber crime in sectors such as energy and transport.
The government will work with industry to implement automated defence mechanisms that can stop hackers, viruses and spam emails from reaching potential victims.
Development: Building a future talent pipeline for qualified cyber security professionals is a core focus, with cyber apprenticeships, advanced teaching initiatives and retraining schemes.
A new Innovation Centre in Cheltenham will launch a Cyber Innovation Fund in 2017 that aims to develop new products and technologies to boost cyber security measures. Investment will also go towards training and support for cyber-focused academics and start-ups to help them get new ideas to market more quickly.
“Britain is already an acknowledged global leader in cyber security thanks to our investment of over £860 million in the last Parliament, but we must now keep up with the scale and pace of the threats we face,” Mr Hammond stated.
“Our new strategy, underpinned by £1.9 billion of support over five years and excellent partnerships with industry and academia, will allow us to take even greater steps to defend ourselves in cyber space and to strike back when we are attacked.”
The effect on cyber security recruitment
An increased focus on cyber security, notwithstanding the substantial additional investment, is likely to come as good news for professionals working within the industry. The government has already indicated it will be hiring more experts in this area, and businesses are following suit.
Figures from Barclay Simpson’s Security and Resilience Market Report published earlier this year revealed 68 per cent of managers don’t believe their security department is effectively resourced. Meanwhile, one-third of organisations have fattened their budgets in order to cope with extra demand.
Approximately half of respondents to our survey said security professionals are difficult to find, with cyber security a particularly challenging department within which to increase headcounts.
All this potentially points to an active cyber security recruitment market over the coming years, and skilled professionals could have their pick of the opportunities that arise given the current shortage of candidates.
Our 2016 Compensation and Market Trends Report combines our review of the prevailing conditions in the security & resilience recruitment market together with the results of our latest employer survey.
Image: Warchi via iStock