UK Cyber Security Council Hopes to 'Close the Skills Gap'Chair: New Organization Will 'Be a Source of Expert Advice'
The U.K. Cyber Security Council, a self-regulatory body for the cybersecurity education and skills sector that began operations Wednesday, is designed to help "close the skills gap," says Claudia Natanson, chair of the council's board of trustees.
The council will be "an indispensable resource that will influence and be a source of expert advice for all levels of government, industry and academia," she tells Information Security Media Group. "Ultimately, we want to develop and promote U.K. cybersecurity excellence globally.”
The U.K. Department for Digital, Culture, Media and Sport commissioned the new council in September 2019. It was developed by the Cybersecurity Alliance, an umbrella group of 16 organizations whose members include (ISC)², TechUK, the Chartered Institute of Information Security, the Institute of Electrical Engineers and ISACA.
Clar Rosso, CEO of (ISC)², which offers a credentialing program, says the new council will help foster greater cybersecurity skills development to expand the workforce. "Further, it will support our sector’s collective mission to equip professionals with the skills, knowledge and continuous development needed to keep pace with the evolving needs of the cybersecurity industry and the wider economy."
The launch of the council comes as cyberattacks continue to surge in the U.K.
On Monday, the BBC reported that at least 37,000 students were affected after a ransomware incident compromised Harris Federation, which runs 50 primary and secondary schools in London.
Two out of five U.K. firms have reported having breaches or attacks in the last 12 months, according to the recent Cyber Security Breaches Survey 2021. The government survey found phishing to be the most common vector for launching attacks.
The survey also shows that businesses are using insufficient security monitoring tools to identify abnormal activities that could indicate a breach. Only 83% of businesses have up-to-date antivirus software, according to the survey.
The Need for Continuous Education
“There is no doubt that the business disruption created by the pandemic has had an impact on business visibility and awareness," Natanson tells Information Security Media Group. "Continuous education has become paramount in ensuring that our existing professionals can stay sharp - even when dealing with unplanned and wide-ranging business transformation - equipping them with the skills and knowledge needed to combat an increase in threats and a new wave of complex and innovative challenges to countermeasures and capabilities."
Collaboration across the industry "will be so important to ensure we fully understand how the profession can help and support the ability of organizations to increase their cyber resilience,” she adds.