Advanced search

UK skills shortage holding back fight against cyber attacks

The UK’s fight against cyber-crime is being hampered by a lack of relevant skills, engineers warn today.

Small businesses are coming under increasing attack from hackers, according to new government data, but a survey by the Institution of Engineering and Technology (IET) found only 30 per cent of such companies felt they had sufficient cyber protection.

Recent research by the Department for Business, Innovation and Skills (BIS) found that 87 per cent of small businesses (and 93 per cent of large ones) experienced a breach in their cyber security in the last year, an increase of over 10 per cent.

But the IET survey of 250 small and medium enterprises (SMEs) found only 14 per cent of them said cyber security threats were the highest priority and that they already had sufficient skills and resources in place to manage the threat.

The IET’s cyber security lead, Hugh Boyes, said the problem was both a lack of engineers going into the cyber security sector and a failing of universities to include an awareness of the issue in the computer programming courses

‘It’s a combination of software skills and system engineering skills,’ he told The Engineer. ‘For example, many university engineering courses teach students basic programming skills but don’t focus on the trustworthiness of the software they produce – making it secure and reliable.

‘Because of the interconnection of systems, we need to increasingly think about how a piece of hardware or software works with everything else …

‘A lot of courses focus on the maths of engineering rather than the big picture of building systems and the consequences if it goes wrong.’

The government-run Technology Strategy Board recently extended its voucher scheme offering SMEs the chance to bid for up to £5,000 from a total pot of £500,000 to improve their cyber security with outside expertise.

But the IET survey found that only half of the SMEs contacted were aware of the government’s Cyber Security Strategy.

The IET is also developing its own scheme to sponsor cyber security masters degree courses at selected universities, which aims to give the sponsored students cyber security skills they can apply in their current job, or the opportunity to develop a career in a cyber security role.

Readers' comments (6)

  • There is no IT skill shortage in the UK, there's clearly a lack of understanding of skillsets by non technical managers who commonly employ folks, which oft hire inexperienced outsourced labour, if large firms took the initiative to hire young talented folk instead or dedicated resources to tackling digital/cyber security we wouldn't have this issue, a lot of young technicians (admittedly not all) are finding it difficult to explain or rationalise their skills to employers or even be given half a chance to tackle 'high end' problems

    Unsuitable or offensive? Report this comment

  • It's only a high priority for 14%. There can't be a shortage on services nobody wants to think about, or even pay for.
    I shut down my security consultancy 10 years ago for lack of interest.

    Unsuitable or offensive? Report this comment

  • A team containing 6 young people including myself totally interested in Cyber crime management. We are able to solve any kind of problem to secure with the best protocol. But we are in lack of technologies with us not the knowledge. And also we tried a lot to prove our team can do best cyber security in any field, but no one give opportunity to us. So we are scattered and working in some IT jobs without interest. We are ready to unite again if we get this opportunity and to prove the best by solving all kind of problems. We are INDIANS.

    Unsuitable or offensive? Report this comment

  • Many university courses fail dismally. So as a small startup we set up a software apprenticeship scheme. The government decided instead of helping us to give millions to Microsoft to look at setting one up (something they haven't done yet), so we folded the company (no point if even our government can't be arsed with a British company is there?)

    However, we did finish the course and launched the apprentices on the world. The UK naturally shunned them, after all, we have been conditioned over the last 10 or 20 years that ONLY university students could possibly be skillful or clever enough (I am a graduate but admit the best engineers I've worked with have been non-graduates - every one of them, but thats not the point - even the company I work for won't even interview a non-graduate, however many years of top flight experience).

    The apprentices have largely gone off and set up themselves, successful small businesses doing top quality engineering.

    But isn't it a sad state when British industry isn't supported to produce apprentices and when apprentices are shunned by the companies who are crying that they can't get the engineers?

    This is of course compounded by the simple facts that if any one wants to make serious money they need to 'act', 'dance', take their clothes off, appear on 'big brother', kick a football or be a banker... you know most footballers take every week what I as an experienced engineer get a year... why would anyone recommend engineering to a child?

    Unsuitable or offensive? Report this comment

  • There is no shortage of skills needs new setup, requiring serious 'education policy'. The short term solution may be....... to develop 'ethical hacking labs' in every department of Computer Science, Engineering & Technology of all UK universities and colleges.

    For long term, it is important to educate and train our school age mobile lovers and gamers to combat increasing cybre crime. In this regard, it is necessary to prepare our future graduates from the very early stages of their education (i.e., like they learn English, Maths, Science, Geography etc in primary schools). More tools are available online than ever....Teach yourself hacking activity has become global phenomenon. One example is the use of software called ‘Hacking-Lab’ with more than 14000 registered users worldwide. The facilitators and members exchange new challenging ideas of online security. One can explore vulnerabilities and policy loopholes in the designed networks. There are database systems that keep record of the data for vulnerability management and security risk management. These have become industry standards for analysis of vulnerabilities. Among these two databases are very popular in cyber-security community, National Vulnerability database (NVD, and common vulnerability and exposures (CVE,

    The problem with the UK Universities is 'staff' is not encouraged to develop such ethical hacking labs. If there are any then these are not because Universities are doing it but it is mainly because of individual 'research-informed' staff members.

    Unsuitable or offensive? Report this comment

  • As state by others. There is definitely no skills shortage in engineering. The issue is low pay. It puts many off studying engineering and those that have often end up in sectors other than engineering such as finance. How can an industry effectively operate like this. The onl way to get these highly talented people into engineering is to pay more.

    Unsuitable or offensive? Report this comment

Have your say


My saved stories (Empty)

You have no saved stories

Save this article