How to Conquer the Digital Skills Gap -TEISS® : Cracking Cyber Security

kids in the worksplace

How to Conquer the Digital Skills Gap

TEISS guest blogger, Kevin J Smith, Senior VP at Ivanti, talks us through the steps to tackle the digital skills gap to ensure that businesses can continue to grow, innovate and remain secure.

Most businesses have well and truly moved into the digital age. So, as companies continue to look out for new ways to optimise their business output and capture attention through innovation, the concept of digital transformation has become increasingly popular and necessary.

According to IDC, 55 percent of European organisations have developed strategies for, and are currently undergoing the first two stages of, the digital transformation process. IDC also predicts that by 2027, 75 percent of all organisations worldwide will have “digitally transformed”.

However, it isn’t going to be an easy road to digital transformation for UK businesses, as the country is arguably facing a digital skills crisis. Between 2015 and 2017 there was only a very minor increase in the amount of European businesses actually beginning the digital transformation process.

So, what is slowing them down? IDC claims that 24 percent of businesses aren’t implementing digital strategies due to a lack of talent, while a further 23 percent blame an overall lack of knowledge. If this lack of talent and knowledge isn’t resolved, we will face a severe impact on the UK’s productivity and economic competitiveness.

To highlight the severity of this, the UK House of Commons’ Science and Technology Committee have held numerous sessions and developed multiple reports discussing this issue and how to resolve it; the second report of session 2016 – 2017 stated that, “only urgent action from industry, schools and universities and from the Government can prevent this skills crisis.”

Furthermore, in today’s troubling cybercrime environment, businesses need talented teams to constantly maintain their security. And the cyberattacks hitting organisations at the moment aren’t to be sniffed at. Just look at the attacks that from last year, such as WannaCry and NotPetya that were able to completely shut down commercial and public sector organisations, as well as pretty much the entirety of Ukraine.

To make this scene even bleaker, the cybersecurity industry alone is projecting a staffing shortage of 1.8 million unfilled jobs globally by 2022 according to Frost & Sullivan. Alarmingly, Cisco’s 2017 Annual Cybersecurity Report found that nearly half of security alerts that are flagged go uninvestigated, due to a lack of resource.

All of the above just reassert how important it is that we urgently start taking steps to tackle the digital skills gap to ensure that businesses can continue to grow, innovate and remain secure.

Also of interest: What cultural factors contributed to the Panera Bread breach? 

Nurturing The Talent

In order to begin to fix this issue, we need to start at the source of the talent pool. This means using more resources to excite school students about STEM subjects, so as to encourage them to pursue higher qualifications. At the moment, research shows STEM engagement decreases in secondary schools, with participation in Mathematics and Science declining by 74 percent amongst girls and 56 percent amongst boys.

As a consequence of this, less than one in ten students in the UK leave secondary school with an A-level in Mathematics or Physics. This has resulted in a rather bleak national crisis, where in a ranking of numeracy levels in a list of 23 developed countries, the UK only comes in at 22nd – just beating the US. These statistics compound the fact that engaging better with young people needs to be the first step in tackling the digital skills gap.

While the solution is clear, producing fresh young talent takes time. Businesses need to do more in partnership with the government and the education system in order to motivate young people to move into the digital space, but things also need to be done now.

Also of interest: Security by design: greater need for governance?

Breaking The Siloes

In order to ensure that progress is being made now, those in the digital space need to work together and pool their resources to leverage the collective wisdom of the business. At the moment, many employees working in digital roles are siloed into one single, often quite specialised, area of technology.

Unfortunately, this approach no longer matches the evolution of the business world. For example, IT and security are increasingly moving closer together, so technical staff need to have flexible skills that allow them to evolve as technology does. They also need to become more closely aligned with the goals of the business as a whole, rather than just IT or Security goals.

Doing things like creating new, more business-minded, job titles and implementing compensation structures and revenue targets will motivate those within technical roles to actively drive an increase in business efficiency within the organisation. This would also help to begin to break down the rigid, siloed structures that exist within the digital space.

Furthermore, the sheer amount of cyberattacks that have hit businesses over the last year has meant that digital departments, especially the Security department, have become critically important. This, along with the fact that technology has become synonymous with business success, has meant that CIO’s and CISO’s responsibilities and overall importance has been escalated. This has opened the “CEO door” to those who previously were restricted to more technical roles.

It has become incredibly important that CEOs should not just be business minded, but should have technical knowledge as well.  Not only will this encourage more talent to pursue digital roles, but this may also encourage technical people to seek out more business training. Similarly, all employees should receive some technical training with the incentive of high-level career progression.

Also of interest: WannaCry, one year on…

Diversity is Key

When considering how to tackle the skills gap, businesses need to make use of all the resources that are available to them. One key resource that technical departments are massively under utilising is women.

Women make up over half of the UK’s population, but according to the WISE campaign for gender balance in science, technology and engineering, only 15% of computer science graduates in 2016/17 were women - that’s only 3,015 people.

As Forrester argued in a recent report, the lack of women in technology is due to ingrained long-standing biases within recruitment tactics that often fail to target and attract women. For example, recruiters often seek out candidates with military backgrounds and use military jargon to describe cybersecurity roles, limiting the applicant pool.

The report also stated that cybersecurity leaders need a defined strategy to recruit and retain women. This should not only promote recruitment of female cybersecurity professionals, but also encourage the creation of an internal culture suited to retain and develop employees for the long term.

Also of interest: A new approach to cyber security: retail industry

Delegating To Technology

Another way that technology professionals can ease the burden of their workload is to delegate a number of tasks to technology. When it comes to cybersecurity, it is critical that organisations implement a layered defence against attack that ensures all basic tasks, such as patching, application whitelisting, privilege whitelisting and end-user cybersecurity training and awareness are all automatically being processed.

Furthermore, automated endpoint detection and response (EDRS) solutions can “cut down the noise” produced by the volume of cyberattacks that hit an organisation every day.

If a cybersecurity team is having to deal with 10,000 security incidents, they are more likely to miss a data breach already in progress. However, if automated EDRS is dealing with the more trivial and common threats, the security team are able to better use their limited resources on proactively defending against, and defeating, the more complex, damaging threats.

Ultimately, the digital skills gap issue cannot be solved in a day. There needs to be a structured plan in place that forces organisations to begin to change their internal cultures. Technical roles need to be seen as stepping stones to leadership, businesses need to diversify and make a conscious effort to attract women into digital teams, and organisations need to embrace the power of technology to help them succeed in our increasingly digital world.

 

Comments

Get the latest cyber news in your inbox

Join our community of cyber professionals today!