Cybersecurity incidents are among the most dangerous threats that organisations face today writes Julie Nugent, Director of Productivity and Skills, West Midlands Combined Authority.
The COVID-19 pandemic has only exacerbated this issue, creating new challenges now that remote working is more commonplace and society reliance on technology has generally increased.
Some data from last year offers useful context as to how prevalent the problem is. The Cyber Security Breaches Survey 2021 found that among those identifying any breaches or attacks, half of businesses (49%) and over two fifths of charities (44%) say this happens once a month or more often.
What’s more, not only are cyber threats becoming more common, but it is also harder for organisations to equip themselves to defend against them due to a worsening skills shortage. According to a 2020 report from Department for Digital, Culture Media & Sport (DCMS), around two thirds (64%) of cyber firms have faced problems with technical cybersecurity skills gaps, either among existing staff or job applicants, despite it being the most sought after tech skill.
Indeed, this is a situation that needs resolving urgently if businesses are to succeed in their post-pandemic recovery.
Disastrous for businesses
The risks associated with cyber-attacks are severe, as most organisations are well aware. A survey by PricewaterhouseCoopers (PwC) revealed that eight out of ten (79%) UK CEOs fear cyber-attacks as the biggest threat to their business.
This is understandable when you consider the ranging impacts a cyber breach can have on their business. In a 2021 survey, 23% of UK businesses stated that their organisation lost between £10,000 and £49,000 as a result of data breaches.
Furthermore, there are indirect financial losses that can be associated with cybersecurity, such as loss of company time to recover after a breach, and reputational damage.
Such attacks occur at all levels, with the NHS, retailers Boots and Tesco, and a collection of oil companies across Europe examples of more prominent victims. Meanwhile, almost a third (28%) of data breaches in 2020 involved small businesses, with ransomware the primary method.
Undoubtedly business leaders must make cybersecurity a priority. And this brings us back to the earlier point of skills shortages, and how businesses can adequately protect themselves.
Wider access to training
Primarily, breaches in cybersecurity come down to a lack of training and knowledge. According to the previously mentioned DCMS report, around 653,000 organisations in the UK are unable to carry out basic tasks like setting up firewalls, storing data, and removing malware.
For you
Be part of something bigger, join BCS, The Chartered Institute for IT.
In truth, most breaches result from human error (IBM estimates 90%) – and attackers know this. For this reason, from the top-down, businesses should focus on providing relevant cybersecurity training. And while shortages in advanced tech skills must be addressed, maintaining a workforce with practical cybersecurity skills at every level creates a more secure digital environment.
Indeed, to achieve this, public and private sector collaboration will be required to implement training avenues – digital skills bootcamps are a prime example of this. These are free, flexible courses for adults aged 19 and over who are either in work or recently unemployed. The bootcamps, which typically last for anything between 12 and 16 weeks, give people the opportunity to build sector-specific skills.
Employers can benefit in two ways: they can provide interview opportunities to people who have up-to-date digital skills training, or they can upskill existing employees by enrolling them on the courses.
With a £7 million grant, WMCA has piloted over 30 digital bootcamps and trained around 2,000 adults with essential tech skills. As reported on UK Tech News in early November, we recently unveiled our next round of bootcamps; £21 million has been made available from the Adult Education Budget to fund the new bootcamps over the next three years, with a target of supporting more than 4,000 people.
Cybersecurity is a key pillar within the bootcamps WMCA is overseeing – as indeed it is among other combined authorities. Crucially, the training provided is the result of public sector funding combined with industry-led tuition, which helps ensure the courses are relevant and reflective of the demands of employers.
Clearly, digital skills bootcamps will have a significant role to play in developing tech talent. Again, this will not only mean more individuals who go on to work in the cybersecurity industry or specialist cybersecurity positions; it will also produce people who work in other roles, from marketing and analytics to coding and development, who are cybersecurity savvy.
Accordingly, I would encourage employers to search for existing digital skills partnerships in their area, and if possible, interact with the courses as a very focused, practical means of improving their access to necessary digital skills training.
About the author
Julie Nugent is the Director of Productivity and Skills at West Midlands Combined Authority (WMCA). Established in 2016, WMCA is a group of 18 local councils and three local enterprise partnerships (LEPs) working together to make the West Midlands region a better place to live and work.
The West Midlands Digital Skills Partnership brings together the region’s leading tech employers, digital entrepreneurs, Local Enterprise Partnerships, the Department of Culture Media and Sport, as well as universities, colleges and other training providers. Their aim is to identify what digital skills provision is needed across the West Midlands and encourage partners to work together to address these and emerging needs, and to attract and retain investment and talent in the region.