GCHQ is struggling to retain internet specialists in the face of competition from the private sector (Credit: Ministry of Defence)

Dearth of IT experts threatening UK cyber-security

A lack of skilled IT specialists is hindering Britain's cyber-security capabilities and it could take two decades to fill the gap.

Spending watchdog the National Audit Office (NAO) has said the number of IT and cyber-security professionals in the UK has not increased in line with the growth of the internet after government, education and business representatives told the body the country lacks technical skills and the current pipeline of graduates will not meet demand.

The cost of cyber-crime to Britain is currently thought to be up to £27 billion a year and the Government previously pledged £650 million in additional funding to its National Cyber Security Programme.

NAO head Amyas Morse said: "The threat to cyber security is persistent and continually evolving.

"Business, government and the public must constantly be alert to the level of risk if they are to succeed in detecting and resisting the threat of cyber-attack."

The Government's strategy has already started to deliver benefits, the NAO said, with the Serious Organised Crime Agency catching more than 2.3 million compromised debit or credit cards since 2011, preventing a potential loss of more than £500 million.

But the watchdog warned ministers must address the country's current and future cyber security skills gap, which includes a need for psychologists and law enforcers, as well as technical staff.

Education officials interviewed by the NAO said it could take "up to 20 years to address the skills gap at all levels of education".

The report on the NAO's review of the strategy for cyber security, said: "Interviews with government, academia and business representatives confirmed that the UK lacks technical skills and that the current pipeline of graduates and practitioners would not meet demand.

"A number of government departments commented that the UK depended on a small number of highly skilled people to participate in developing international technical standards.

"Interviewees were concerned about a lack of promotion of science and technology subjects at school resulting in the reported lower uptake of computer science and technology courses by UK students."

A shortage of IT and computer science experts has been raised before by ministers, while attracting and retaining talent is also a concern.

In 2012, the Intelligence and Security Committee highlighted GCHQ's inability to retain internet specialists in the face of competition from the private sector.

The Government will also struggle to demonstrate the success of its multi-million pound strategy, the NAO said, as it will be measuring outcomes when the desired result is for nothing to happen.

MP Margaret Hodge, chair of the Public Accounts committee, said: "The use of the internet for commerce and communication is a force for good, but it also poses new and growing threats that government, businesses and individuals cannot ignore.

"With around 80 per cent of the internet in private hands, crossing international boundaries and spanning different jurisdictions, the Government cannot approach internet security in isolation.

"Having a robust and well thought-through strategy is crucial if the Government is to respond effectively to cyber threats."

A Cabinet Office spokeswoman said: "Although we continue to face serious challenges the UK is on a stronger footing today than we were 12 months ago as we're addressing issues of cyber-crime and threats to national security and have achieved unprecedented partnership with industry.

"We agree that skills are crucial to cyber-security which is why we are investing heavily in research and education through establishing new centres for excellence in cyber-security research, cyber-security skills among the police forces, centres of doctoral training in cyber-security and supporting initiatives such as the cyber-security challenge which uses innovative approaches to recruiting new talent into the cyber-security sector."

Shadow cabinet office minister and IET fellow Chi Onwurah,  said: "There is some welcome progress in this report, but as the NAO make clear there is significant room for improvement in leadership and co-ordination.

"This is symptomatic of this Government's ad hoc approach. The NAO also highlight the lack of support from ministers for the next generation of British cyber-security experts.

"Cyber-security is a significant opportunity as well as a threat to our future defence and economic prosperity, and Ministers need to ensure that we have the skills we will need ten years down the line."

But the IET's cyber-security lead Hugh Boyes said the organisation was already addressing the problem.

“At the IET we have been working with the Cabinet Office to ensure we have a better mix of skills for the future.  One of the ways we intend to do this is by building software engineering best practice into undergraduate university degrees and encouraging more students to undertake postgraduate study of cyber-security.

“With a bigger pool of suitably qualified graduates we can improve cyber-security by making software more secure, dependable and reliable.”

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them