Lack of cyber skills 'a pressing matter of national security', parliamentary committee finds
The government must do more to recognise and address a worrying cybersecurity skills shortage, MPs have claimed
The government has been accused of lacking urgency in its work to tackle a lack of suitably skilled cybersecurity workers in the critical national infrastructure sector.
Parliament’s Joint Committee on the National Security Strategy said ministers had “no real sense of the scale of the problem” and lacked ideas on how it could be addressed.
The committee, which brings together MPs and peers, said last year’s WannaCry attack which hit the NHS particularly hard – but did not specifically target the health service – had demonstrated the need for vigilance and provided evidence of the risks that critical national infrastructure was exposed to.
But it said that consistent concerns expressed by industry were being met a lack of detailed analysis of which sectors and specialisms were most acutely affected. It also pointed to delays in a standalone skills strategy designed give impetus to better match the supply of skills to demand as evidence of a lackadaisical attitude on the part of government.
The committee said the strategy had been promised in November 2016 but was now not scheduled to be published until December this year.
- Government invests £15m to boost cybersecurity of Commonwealth nations
- Local Government Association calls for Budget to provide cybersecurity funding to councils
- Every Welsh NHS entity to get cybersecurity review as part of £5.5m digital health investment
Committee members said that it was not enough that the Department for Digital, Culture, Media and Sport had been identified as the lead ministry for the issue and called for a minister to be allocated to lead on cybersecurity skills.
They also called on the government to put in place “robust mechanisms for cross-government co-ordination and co-operation” on the issue.
Committee chair Dame Margaret Beckett said that not only was there a problem with the availability of people with cybersecurity skills but also a problem with the “worrying lack of focus” displayed by the government in dealing with the situation.
“We’re not just talking about the ‘acute scarcity’ of technical experts which was reported to us; but also the much larger number of posts which require moderately specialist skills,” she said. “We found little to reassure us that government has fully grasped the problem and is planning appropriately. We acknowledge that the cybersecurity profession is relatively new and still evolving and that the pace of change in technology may well outstrip the development of academic qualifications. However, we are calling on government to work closely with industry and education to consider short-term demand as well as long-term planning.”
Beckett said that “as a very first response” the government should work in close partnership with the CNI sector and providers to create a cybersecurity skills strategy that would give clarity and direction.
“It is a pressing matter of national security to do so,” she said.
Steve Barclay urges greater reporting of attacks
Union chief criticises as ‘reckless’ ministers’ intention to return Whitehall headcount to 2016 levels
Recommendations from a parliamentary committee for dedicated boardroom space at UKRI are unheeded
Jacob Rees-Mogg’s efforts to fill departmental offices have been criticised by an array of people