Lack of cyber skills 'a pressing matter of national security', parliamentary committee finds

Written by Jim Dunton on 24 July 2018 in News

The government must do more to recognise and address a worrying cybersecurity skills shortage, MPs have claimed

The government has been accused of lacking urgency in its work to tackle a lack of suitably skilled cybersecurity workers in the critical national infrastructure sector.

Parliament’s Joint Committee on the National Security Strategy said ministers had “no real sense of the scale of the problem” and lacked ideas on how it could be addressed.

The committee, which brings together MPs and peers, said last year’s WannaCry attack which hit the NHS particularly hard – but did not specifically target the health service – had demonstrated the need for vigilance and provided evidence of the risks that critical national infrastructure was exposed to.

But it said that consistent concerns expressed by industry were being met a lack of detailed analysis of which sectors and specialisms were most acutely affected. It also pointed to delays in a standalone skills strategy designed give impetus to better match the supply of skills to demand as evidence of a lackadaisical attitude on the part of government.

The committee said the strategy had been promised in November 2016 but was now not scheduled to be published until December this year. 

Related content

Committee members said that it was not enough that the Department for Digital, Culture, Media and Sport had been identified as the lead ministry for the issue and called for a minister to be allocated to lead on cybersecurity skills.

They also called on the government to put in place “robust mechanisms for cross-government co-ordination and co-operation” on the issue.

Committee chair Dame Margaret Beckett said that not only was there a problem with the availability of people with cybersecurity skills but also a problem with the “worrying lack of focus” displayed by the government in dealing with the situation. 

“We’re not just talking about the ‘acute scarcity’ of technical experts which was reported to us; but also the much larger number of posts which require moderately specialist skills,” she said. “We found little to reassure us that government has fully grasped the problem and is planning appropriately. We acknowledge that the cybersecurity profession is relatively new and still evolving and that the pace of change in technology may well outstrip the development of academic qualifications. However, we are calling on government to work closely with industry and education to consider short-term demand as well as long-term planning.”

Beckett said that “as a very first response” the government should work in close partnership with the CNI sector and providers to create a cybersecurity skills strategy that would give clarity and direction. 

“It is a pressing matter of national security to do so,” she said.

Share this page




Please login to post a comment or register for a free account.

Related Articles

Interview: CDDO chief Lee Devlin on the ‘move from being disruptive to collaborative’
23 May 2023

In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...

Data watchdog urges against further FoI exemptions
9 June 2023

Information commissioner warns MPs of risks of absolving agencies of transparency requirements

Ex-intelligence chief ‘appalled’ at ministers’ use of private messages
1 June 2023

Former GCHQ and Home Office leader David Omand expresses disapproval of use of WhatsApp and other platforms for government business

MoD seeks senior exec to boost ‘cyber awareness, behaviours and culture’ across defence sector
23 May 2023

Role comes with a remit to work with current and former military personnel, as well as officials and commercial suppliers

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...