The UK digital skills gap is a serious issue for all industries. Businesses are in urgent need of upskilling employees, while sourcing job applicants with sufficient skills to take on roles is proving increasingly difficult.
The skills shortage is particularly prevalent in cybersecurity. The pandemic has, to put it in very general terms, seen us move further into a digital-first world. Remote working has become the norm, while products and services have increasingly migrated into the digital space.
As a result, businesses and consumers alike are more reliant on technology than ever before. This greater reliance on tech, in turn, increases cybersecurity risks. Indeed, ransomware attacks increased at an alarming rate last year.
As the threat has become more prominent during the pandemic, the skills crisis has worsened; according to a 2021 government study, the UK’s cybersecurity recruitment pool has a shortfall of 10,000 people a year. Undoubtedly, this needs to be addressed.
A huge amount is at stake
The stakes are extremely high. Cyberattacks have become more prevalent and the risks associated are ever more severe.
The DCMS Cyber Security Breaches Survey 2021 offers some context as to the extent of the problem. Four in ten businesses (39%) had reported cybersecurity breaches or attacks in the preceding 12 months. Of those, 21% ended up losing money, data or other assets; 35% said they were negatively impacted regardless, for example, because they require new post-breach measures, have staff time diverted or suffer wider business disruption.
Cybersecurity breaches carry significant risks to businesses – financial, reputational, and technological. It is of utmost importance that attacks can be repelled effectively, but returning to the initial point raised, this is difficult when there are too few people with the right skills to help lead the charge.
Cybersecurity skills: a focus on people
Cybersecurity requires a marriage between technologies, processes, and people. Indeed, IBM suggests that human error is responsible for 95% of cyber breaches.
Fundamentally, then, we must find ways of ensuring employees possess sufficient cybersecurity skills. Moreover, these skills should not be limited to those working in the IT department or specialist cybersecurity positions; having individuals within the company with practical cybersecurity training can prove hugely valuable in improving cybersecurity resilience.
Where can this training come from? Schools and universities naturally have an important role to play in ensuring young people entering the workforce possess cybersecurity skills. However, it would be both unfair and unrealistic to assume the education sector can tackle this independently.
Instead, public and private sector collaboration will be required to implement other training avenues – digital skills bootcamps are a prime example of this.
These are free, flexible courses for adults aged 19 and over who are either in work or recently unemployed. The bootcamps, which typically last for anything between 12 and 16 weeks, give people the opportunity to build sector-specific skills.
Employers can benefit in two ways: they can provide interview opportunities to people who have up-to-date digital skills training, or they can upskill existing employees by enrolling them on the courses.
With a £7m grant, WMCA has piloted over 30 digital bootcamps and trained around 2,000 adults with essential tech skills. As UKTN reported in early November, we recently unveiled our next round of bootcamps; £21m has been made available from the Adult Education Budget to fund the new bootcamps over the next three years, with a target of supporting more than 4,000 people.
Cybersecurity is a key pillar within the bootcamps WMCA is overseeing – as indeed it is among other combined authorities. Crucially, the training provided is the result of public sector funding combined with industry-led tuition, which helps ensure the courses are relevant and reflective of the demands of employers.
Clearly, digital skills bootcamps will have a significant role to play in developing tech talent. Again, this will not only mean more individuals who go on to work in the cybersecurity industry or specialist cybersecurity positions; it will also produce people who work in other roles, from marketing and analytics to coding and development, who are cybersecurity savvy.
Accordingly, I would encourage employers to search for existing digital skills partnerships in their area, and if possible, interact with the courses as a very focused, practical means of improving their access to necessary digital skills training.
Julie Nugent is the director of productivity and skills at West Midlands Combined Authority (WMCA). Established in 2016, WMCA is a group of 18 local councils and three local enterprise partnerships (LEPs) working together to make the West Midlands region a better place to live and work.
The West Midlands Digital Skills Partnership brings together the region’s leading tech employers, digital entrepreneurs, Local Enterprise Partnerships, the Department of Culture Media and Sport, as well as universities, colleges and other training providers. Their aim is to identify what digital skills provision is needed across the West Midlands and encourage partners to work together to address these and emerging needs, and to attract and retain investment and talent in the region.