Security CTOs argue over the merits of UK graduates

The CTOs of security firms Kaspersky and McAfee disagree over the abilities of UK graduates

For several years firms have complained of the dearth of IT graduates entering the job market from university, and this problem is all the more stark in the security sector.

The government, in tandem with the private sector, has attempted to address the problem by initiating the Cyber Security Challenge, a regular series of competitions designed to raise awareness of the potential of careers in security.

"[UK cyber security skills] are wholly inadequate," said Baroness Neville-Jones in a lecture at the Global Strategy Forum earlier this year.

But according to at least one leading firm, the problem in the UK is not just the scarcity of graduates, but the paucity of their skills.

Nikolai Grebbenikov, CTO of security firm Kaspersky told Computing that graduates of the UK's education system compare unfavourably in some areas with those from Russia.

"Our UK employees find it harder to understand new areas, and multiple projects. Whereas our employees in our Moscow headquarters have a broader understanding of different issues."

He added that sometimes it's necessary for Russian staff to work with UK-based employees to help them to improve their understanding.

"We currently see better performance from some of our UK staff when they work directly with Russian employees, they help to apply their knowledge to new areas."

However, Grebbenikov's views jarred badly for Raj Samani, CTO of rival security company McAfee.

"It's dangerous to stereotype a nation, or the graduate pool from an entire country. We would do our level best to try to understand the competence of the individual themselves, and their capabilities, as opposed to something as simplistic as their postcode."

[Turn to next page]

Security CTOs argue over the merits of UK graduates

The CTOs of security firms Kaspersky and McAfee disagree over the abilities of UK graduates

McAfee is working with various educational institutions in an attempt to improve the numbers of graduates seeking a career in cyber security, and the quality of the courses.

"We're working hard to strengthen our relationships with academia so they understand which are the most relevant topics for their courses."

Grebbenikov attempted to explain his views by drawing on his own experience at university. He said that his course at university was taught by eight different departments, which resulted in a much broader scope.

"Our course had eight different faculties. In the first year we were focused on the core department, but over the following four years we were mostly taught by lecturers from the other seven areas, which provided a good understanding of wider topics.

"Because of that I'm now as comfortable talking to systems developers as IT managers."

Although Grebbenikov claims to see marked differences in graduates and other employees between the UK and Russia, not all of these cast Britain in a negative light. He adds that UK staff are generally better when it comes to practical skills.

"Sometimes I see a more pragmatic view from UK employees investigating a problem, compared to the approach a Russian employee might take. This might be down to a more practical, hands-on style in UK university courses.

"Russians are more theoretical, and generally adopt a more analytical approach."

He also explained that in his experience, UK-based staff are more likely to benefit from advanced soft skills, and are better able to build relationships.

"UK employees have a better understanding of people and relationships, so we're not necessarily talking about the hard skills. Almost all UK people [in my experience] are much better at communication.

"They try to understand the perspectives of people with opposing views, and are more open to debate. This is a good example of the sorts of skills UK staff need to teach our Russian employees. It's this willingness to find compromise."