4 minute read
INTERESTED IN CYBER SECURITY? YOUR COUNTRY NEEDS YOU
Why are there so many job vacancies in cyber security?
There are currently around 300,000 cyber security job vacancies across the UK, but never has this sector been more important to UK security.
So why are the jobs so hard to fill?
The pay’s good. According to careers website Future Learn, the average salary for a cyber security professional is between £50,000-£80,000 and the sector also performs well in terms of job satisfaction.
Charlotte Smith is Gloucestershire cyber network CyNam’s Cyber Skills Growth Lead and Co-ordinator.
She said: “Those working in cyber security can travel the world, work flexibly from home, or any office of their choice – and what’s better than knowing in your day’s work that you might just have played a role in protecting the nation’s security,”
If you press any digital button as part of your work you are involved in the world of cyber, whether it’s programming or creating content for a marketing campaign, the list of jobs involving cyber just keeps growing with some not even created as yet.
So a lot of it is about perception and the newness of the sector, she adds.
“It’s only recently that cyber security companies are realising that to attract new people to fill vacant positions, they need to present what they do in a more engaging and simple way, rather than wrapping up a job description in unnecessary technical jargon that someone unfamiliar with the sector is unlikely to understand.
“That starts with the HR team where those writing cyber job specifications need to really understand the role and requirements.”
“I’ve never worked in a more inclusive, diverse and welcoming sector, but this doesn’t aways come across.”
There is a significant proportion of people successfully working in cyber who are neuro diverse, Charlotte points out.
But it’s not just young people who should consider a career in cyber security.
More companies are also looking at their existing workforce, of whatever age, to see if they can offer retraining, as well as welcoming applicants from wider communities such as veterans and women returners. This is why a flexible approach to work is important, so that it can meet the demands of a diverse community.
Many colleges across the region, such as Gloucestershire College, are offering boot camps for those seeking to retrain, and the Institute of Coding, through regional universities, also offers retraining opportunities for older employees.
It takes three months to develop cyber skills
This may be because they are particularly suited to the role’s requirements.
When a company’s systems are attacked, being able to solve and address the challenge needs multiple ways of looking at the problem to understand and solve it, and get that business back up and running.
Charlotte explains: “Jobs in cyber security often require people who can think creatively, outside of the box, as well as logically and laterally – and attention to detail is key. The job also requires integrity.
“The UK’s National Cyber Security Council and GCHQ understand this better than most and have widened their recruitment process.”
It’s also true that as a career in cyber security is relatively new, parents may not truly appreciate that it can be as sustainable, important and fulfilling a job as any of the more traditional professional careers.
It takes more than three months on average to develop the knowledge, skills and judgment to defend against breaking threats, according to Bristol-based cyber security training company Immersive Labs.
The two sectors slowest to train employees are infrastructure and transport, taking an average of more than four months (137 days) to ensure skills development after a threat emerges.
A long lag in human capabilities contrasts significantly with the widely-accepted need for swift technical remediation.
Rebecca McKeown, Director of Human Science at Immersive Labs and an exmilitary psychologist, said: “Cyber security presents a unique skills development challenge for humans.
“Responding to a hybrid real-world and digital battlespace which is always changing means continuous skills development is crucial to preventing skills decay and building cognitive agility.”
Tough new rules to protect UK telecoms networks against cyber attacks
Broadband and mobile companies will have to follow tough new security rules to better protect UK networks from potential cyber attacks.
The new telecoms security regulations will be among the strongest in the world, says the government, and provide much tougher protections for the UK from cyber threats which could cause network failure or the theft of sensitive data.
The Telecommunications (Security) Act, which became law last November, gives the government powers to boost the security standards of the UK’s mobile and broadband networks, including the electronic equipment and software at phone mast sites and in telephone exchanges which handle internet traffic and telephone calls.
• More than 95 per cent of cyber security issues can be traced to human error. That’s the findings of the World Economic Forum Global Risk Report 2022
• More than 60 per cent of people use the same password for multiple accounts. Meaning that a hacked or leaked password could cause wider damage to an individual
• A well-respected cyber training programme is Cyber Essentials. This is an effective, government backed scheme that will help you protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.
• Google Safe Browsing helps protect more than four billion devices every day. It does this by showing warnings to users when they attempt to navigate to dangerous sites or download dangerous files. Safe Browsing also notifies webmasters when their websites are compromised by malicious actors
• The number of cyber attacks on the financial sector has more than doubled. Customers’ sensitive data and personal banking details can be sold on the black market for huge sums. (source, SoSafe, a cyber security awareness training and human risk management company)
Can the UK ‘replace’ GDPR and still keep data adequacy with the EU?
The government’s recent announcement that it will ‘replace’ GDPR and pause the Data Reform Bill, has raised fresh questions about the UK’s EU data equivalence, according to a leading tech and data lawyer.
Dr Sam De Silva, Chair of Swindonbased BCS, The Chartered Institute for IT’s Law specialist group, and partner at international law firm CMS, warned that UK business may find themselves having to potentially ‘comply with two regulatory regimes’ following the legislation.
Dr De Silva said: “At the moment, the UK has the benefit of an EU adequacy decision that allows the free flow of personal data from the EU to the UK. However, that adequacy decision requires the EU Commission to continuously monitor developments in UK law in order to assess whether the UK still provides ‘essential equivalence’.
“What this means is that significant deviation from the GDPR will risk the UK losing its adequacy.
“Interestingly, DCMS Secretary of State, Michelle Donelan, made it clear in her recent speech that the intention is that the UK would retain its adequacy decision.
“ It’s not clear how practical that is if the government is aiming to fundamentally move away from the GDPR.”
