Cath Goulding
Head of Information Security
Cyber security vacancies are opening up faster than the talent emerges to fill them. As schools begin to teach computing skills and coding, selling STEM subjects to curious youngsters, there is a risk that we may overlook the other key roles within cyber security that don’t require technical skills but are just as crucial to support the industry.
Alongside the coders, data scientists and data analysts, the cyber security industry needs lawyers, policy makers and strategists. We need intelligent, educated people with creativity and critical thinking skills – and an interest in cyber security. STEM degrees are unnecessary for some positions, but how do these people get their break without a qualification to back them up?
One of the great initiatives working to sell this side of cyber security to young people is the Cyber 9/12 contest, which arrives in London at the end of February. The name makes reference to the idea of ‘Cyber 9/11’ or ‘Digital Pearl Harbour’, questioning what the policy makers might do following a catastrophic event, and is an initiative by the US international affairs think tank, Atlantic Council.
Now in its fifth year, Cyber 9/12 is an international cyber policy competition that tasks teams of university students to develop national security policy recommendations to tackle a fictional cyber catastrophe. These policies must be presented to a panel of national experts, with teams rewarded on the quality of their written work, oral presentation, teamwork and creativity.
For the UK, this is the first cyber security strategy and policy event of its kind and is being supported by key organisations including NCSC, the Cabinet Office and the Royal United Services Institute. Not only is this a means of promoting the range of roles within cyber security, it is also an exciting way for students to experience real-world cyber security scenarios. Those involved get the chance to meet and engage with expert mentors and high-level security professionals. For anyone curious about working in the sector, it’s an opportunity to benchmark their own abilities and could even open the doors to career possibilities they may not have previously considered.
Once the seed of an idea has been planted and cyber security strategy roles start to raise their profile, how do we support those keen from different disciplines to turn their intelligence and enthusiasm into a real career? One of the most successful means is through apprenticeship schemes. As part of the National Cyber Security Programme, the Government offered 23 cyber security apprenticeships in a pilot scheme; they received over 1,200 applications in three weeks.
Nominet is one of the firms involved in the scheme. We currently have our own pair of cyber security apprentices who are learning about all areas of the role to prepare them for a career in whatever specialism they find most compelling. Our apprentices come from different backgrounds but both recognised the apprenticeship was a means to get their foot in the door in an industry without technical qualifications.
Chris Underwood joined us with a geography degree and enthusiasm. “I wanted to take up the apprenticeship to gain cyber security qualifications, using experience I’d already gained in other businesses and at uni, and gain practical work experience at the same time,” he says.
The role is expanding his options; “I am constantly learning of the new career paths and opportunities within security which I was unaware of before entering the industry.” Curious minded and highly intelligent people who may lack a STEM qualification have a major role to play within the cyber security industry and we must encourage and support them to succeed.
Dominic Rivett switched from a computer games programming degree to this apprenticeship after recognising that the technical detail of the course didn’t suit him. He also recognised that the ever-evolving cyber security arena was an exciting place to be.
“As for my ideal role in the future,” says Dominic, “I am still undecided due to the vast quantity of roles available in the space. From researcher to analyst to penetration tester, there is just so much to choose from! Right now, I am focusing on absorbing as much of it as possible.”
Our two young men – and the many other cyber security apprentices across the UK – are learning that selecting cyber security as their point of focus doesn’t limit their options but multiplies them. These intelligent, enthusiastic and open-minded recruits now have the opportunity and environment in which to learn and grow, developing their own skills and interests before stepping into a role that suits their capabilities.
Coding and technical roles are only a small part of the cyber security industry. We need to build a workforce that brims with the best and brightest minds from all manner of backgrounds. A multi-faceted cyber security workforce will broaden our reach and mature our capabilities as an industry and a country, enabling the UK to become a more agile, creative and secure digital environment as we move into a new digital age.