UK gov wants teens to practice cybersecurity in their spare time

Teenagers are being encouraged to apply for the scheme where they’ll learn through ‘games, challenges, and projects’

The UK has a shortage of cybersecurity professionals and the gulf could get wider as an increasing number of cyberattacks take place. To counter this, the government is set to plough millions of pounds into training new talent.

The newly-renamed Department for Digital, Culture, Media and Sport has announced it will create a ‘Cyber Schools Programme’ and give it £20 million to train young people.

“To make sure the UK is prepared for the future and ready to tackle the growing threat posed by cyber criminals, we want to help young people learn some of the skills needed to work in the cyber security profession,” the government’s web page on the scheme says.

The programme is intended to teach teenagers, aged 14-18, the basics in “digital forensics, defending web attacks, programming and cryptography”. This will be done through “games, challenges, and projects”. It’s described as “extracurricular”.

“You will also learn the importance of cyber ethics and how to use the newly learned skills in a positive manner,” the government says. The scheme is due to launch at the start of the next school year and those wanting to take part have to complete a test to see if they are “suitable”. Digital minister Matt Hancock says the scheme aims to train 5,700 teenagers by 2021 and the programme has been designed by BT Security, the SANS Institute, FutureLearn and the Cyber Security Challenge.

“The sector is too heavily reliant on professional certifications and qualifications,” James Hadley the CEO and founder of Immersive Labs tells WIRED. The startup, which is part of London’s burgeoning cybersecurity startup scene, allows businesses to teach staff members how to defend against ransomware attacks and other cybersecurity threats.

Hadley says employers can be too reliant on technical degrees, often use outdated examples, and classroom teaching is difficult to scale. “The market cites the need for increased diversity and accepting non-traditional sources of education. However, the majority of entry level cyber roles require a 2:1 in a computer science degree together with Certified Ethical Hacker or CISSP,” he says.

The announcement of the schools’ programme comes at a time when UK security officials have warned that the UK does not have enough suitably trained cybersecurity professionals. Former GCHQ boss Robert Hannigan has predicted that the UK will have a “huge skills shortage” by 2025. According to the Financial Times, Hannigan said he had pushed for more women to be introduced to cybersecurity roles. “People will look back in ten years time and ask: ‘Why did we not do something earlier?'” he said.

The UK government in 2016 announced it would invest £1.9 billion into the country’s cybersecurity plan. This incorporates training new professionals, defence, and also developing the UK’s ability to “damage, disrupt and destroy”, through its own offensive cyberattacks. The National Cyber Security Centre, created with some of this funding, officially opened in February 2017 and was involved in the response to the WannaCry ransomware cyberattack that brought large parts of the NHS to a standstill.

Separately, security industry association ISC Squared has predicted that there will be a global shortfall of 1.8m cybersecurity experts by 2022. “We’re not growing, we’re not expanding, we don’t have the tens of thousands of cybersecurity professionals joining the industry, we’ve got a greying profession,” Adrian Davis, ISC’s managing director said in February.

Source:http://www.wired.co.uk/article/cyber-skills-uk-cybersecurity-skills-shortage