Cyber skills gap undermining anti-hacking efforts

A report from the National Audit Office has revealed that it could take decades to get the right level of skilled security specialists to secure the UK

The government may have made cyber security more of a priority but the fight against hackers could be hampered by a lack of skills that leave gaps in the ability to create strong defences.

The spectre of a cyber security skills gap has been raised by the National Audit Office (NAO), which has warned that it could take up to 20 years to get the required level of expertise.

Although the government had made investment in cyber security a higher priority the number of those specialists with security skills has not risen in the UK to the numbers needed, according to a NAO report.

"The threat to cyber security is persistent and continually evolving. Business, government and the public must constantly be alert to the level of risk if they are to succeed in detecting and resisting the threat of cyber attack," said Amyas Morse, head of the National Audit Office.

In addition to urging the government to address the skills gap the NAO is also calling for more education to be carried out to make firms more aware of thye risks and to avoid weak links cropping up as a result of ignorance.

One response from the security industry, from  Thurstan Johnston, sales engineer at Faronics, pinpointed the skills issue as one that needed to be tackled with a sense of urgency.

“This report rightly points out just how complex it has become to thwart cyber crime in the UK. There is no question that a shortage of skilled professionals is extremely detrimental to our cyber defence effort and it is something the government seriously needs to address if it wishes to defend itself from today’s sophisticated attacks," he said.

“However, there is not just a skills gap to consider, but also a huge awareness gap that needs to be filled. Many organisations still believe that they are sufficiently protected with just a good security package, which not only indicates blazing ignorance, but also a lazy approach to combating cyber crime that could have expensive consequences. Threat mitigation has become an holistic endeavour, with skills, education and awareness being the essential elements," he added.

Read more on Threat Management Solutions and Services