A survey conducted by MWR InfoSecurity at 44Con 2014 has revealed that 75% of the information security professionals in attendance believed that a lack of cyber security skills in the UK makes it a potential easy target for attackers.
A similar number (74%) thought that people’s lack of education when it comes to cyber security is the most serious threat facing businesses today. This presents a huge opportunity within industry and Government to improve cyber skills for all.
“What we have here is a case of not only a shortage in highly skilled professionals to combat cyber crime, but also a lack of general education amongst the public and employees that hackers can take advantage of to compromise our national security in Great Britain,” said Martyn Ruks, Group Technical Director at MWR InfoSecurity.
“This information combined with the fact that three quarters of the industry think the UK is put in a vulnerable position because there aren’t enough skilled cyber professionals should be viewed as an opportunity for the UK government and industry to rise to the challenge,” continued Ruks.
“We believe that if you want to protect something you need to know why someone would want to acquire or damage it and why,” said Ruks. “Only by understanding motivations and drivers can you begin to map out what the solutions need to look like which is why, in conjunction with professional training courses, University degrees, security conferences and Capture the Flag competitions, we need to equip people with the right approach and attitude for solving the difficult problems through real world simulated activities and challenges.”
As well as corporate schemes to improve skills amongst professionals, Government initiatives, such as Get Safe Online promote individual responsibilities when it comes to online safety. “Each and every one of us has a big role to play when protecting ourselves, and the places we work, from online criminals,” said Tony Neate, CEO of Get Safe Online.
“We must not only take responsibility for our own online safety by following some basic rules, but avoid compromising the security of our employers who are facing more sophisticated threats than ever before. This means doing things like using strong passwords at all times, checking privacy settings on social media accounts, logging out of accounts when we have finished using them, and never opening or forwarding a suspicious looking email,” he continued.