How the government intends to close the cyber security skills gap

Sooraj Shah asks universities and science minister David Willetts and education secretary Michael Gove about the government's plans to bolster the nation's security skills

Computing: How important is cyber security within the plans to revamp the ICT curriculum?

David Willetts: The Department for Education recently published a revised national curriculum framework and programme of study for computing, including references to the safe use of technology and to protecting online privacy and identity at key stages 3 and 4.

Through the National Cyber Security Programme (NCSP), the Department for Business, Innovation and Skills is also supporting targeted cyber security learning.

Do you believe that current initiatives to get more people into the cyber security profession - like the Cyber Security Challenge - are working? (This year's winner decided not to take up a role in cyber security).

Willetts: The Cyber Security Challenge is a success. Since its launch in 2010, over 10,000 people have registered. It is sponsored by more than 50 organisations including the Cabinet Office and GCHQ, industry, professional bodies, universities and public-sector organisations.

Within the past three years, over £200,000 of career-enabling prizes have been awarded to participants of the Challenge. In addition, it provides a wealth of careers resources and information for the aspiring cyber professional.

The issue does not seem to be that there is a dearth of talent, but rather that there is no clear pathway into the cyber security profession from education - how do you intend to put this right?

Michael Gove: We need to keep young people's options open as much as possible. The new computing curriculum for key stages 1 to 3 - to age 14 - will give all pupils a firm grounding in the fundamentals of computer science, as well as skills in programming and the application of digital tools to address practical problems.

I hope that many pupils will choose to study computer science beyond this. New GCSEs are now in place, which are a sound basis for progression into more specialist routes within the computing field, such as cyber security.

Willetts: Work is under way to both strengthen and raise awareness of the variety of potential entry routes to the cyber security profession. This is vital if we are to harness the interest shown by new young talent, and provide effective stepping-stones for those already in the workforce but keen to enter this field.

The Cyber Security Learning Pathways project led by the IT National Skills Academy is testing a self-assessment tool to help people considering cyber security work identify particular gaps in their capabilities and experience.

In addition, there are several initiatives backed by the NCSP that are helping to highlight cyber security as an attractive career option, including the Cyber Security Challenge, the development of a cyber security profile within the Graduate Prospects careers website, and a pilot employer-sponsored MSc bursary scheme.

[Turn to the next page]

How the government intends to close the cyber security skills gap

Sooraj Shah asks universities and science minister David Willetts and education secretary Michael Gove about the government's plans to bolster the nation's security skills

The government intends to spend £9m on cyber security education and awareness - what exactly will the government do with that money?

Willetts: Through the NCSP we are investing heavily in skills, research, education and awareness to improve cyber security capability in the UK. We are:

• establishing 11 new Academic Centres for Excellence in Cyber Security Research;
• improving cyber security skills among the public sector including the police and military;
• establishing Centres of Doctoral Training to facilitate PhDs in Cyber Security;
• supporting initiatives such as the Cyber Security Challenge;
• working through multiple initiatives to embed cyber security throughout schooling and higher education, to help develop future skills.

To strengthen awareness of cyber security, the government has announced a £4m e-Confidence initiative targeting groups of individuals and small businesses. This includes an education element encouraging young people to take and keep control of their online lives.

Should it be a mandatory requirement for students to study cyber security at a certain stage?

Willetts: The approach of the NCSP has been to encourage wide awareness of the excitement and practicality of entering cyber security as a profession, and support the development of appropriate skills and security awareness among a generally digitally-capable workforce and society.

This starts from primary school where pupils are taught about using the internet securely, the importance of choosing secure passwords and about email threats, and continues throughout a pupil's school career.

As pupils go on to study GCSEs and A-levels, it is important that they develop an understanding of why security is important in the design, development and implementation of technology.

Gove: Children and young people should understand the importance of keeping information secure and know how to guard against threats of online fraud and other types of cyber crime.

We have revised the computing curriculum in the light of advice from experts in this area including CEOP and Childnet, who specialise in protecting children online. We have set a clear expectation that children will be taught how to use the internet securely, and I welcome the publication of excellent resources for teachers to help them do this, including those from Get Safe Online and e-skills' "Behind the Screen".

Computing's Securing Talent campaign aims to raise awareness of the growing need for people with cyber security skills in industry and government, and for clearer pathways into the cyber security profession.