Showing posts with label skills gap. Show all posts
Showing posts with label skills gap. Show all posts

Monday, 20 June 2016

How Lord Hague’s talk at InfoSec 2016 affects you

 By Sarah Morgan

It is vitally important to be aware of what is changing in the cyber security industry so you and your business aren’t left vulnerable to cyber attacks. The keynote speaker at InfoSec 2016, the Right Honourable Lord Hague of Richmond, gave some valuable advice to UK businesses on how to ensure their IT security can be successful in the long term. Here, we break down what these comments mean for you, your business and the industry as a whole.

“Move with the times”

Lord Hague’s speech mainly focused on how industry leaders need to be particularly aware of the “critical economic importance” of cyber security. In 2015 it was reported that cyber attacks cost the UK economy £34 billion a year, affecting 1 in 4 UK businesses. Reinforcing that all businesses are at risk of an attack and cannot afford to become complacent with IT security.

Image courtesy of Sira Anamwong /
He went on to recognise that the speed of technological growth is having huge implications on the IT security measures businesses need to take. He warned, “being connected has a real price on security”. Alongside this, he cited the recent hacks of Mitsubishi and Jeep. By embracing new technologies and adding Wi-Fi connectivity, their vehicles have become hackable.

However, the former Conservative leader did present an encouraging solution to the industry. He asked business leaders to work together to create “a network of partnerships”. There was emphasis on the need for change, “moving with the times”, embracing technological advancement and strengthening cyber security together.

Hague then reinforced that creating partnerships can help us achieve this. Increasing and nurturing partnerships increases inter-business communication, shares skills and technology and grows opportunities to improve security. With the average cost of a cyber attack increasing by 14% year on year, this highlights the need to invest more time and money to protect our businesses.

Lord Hague’s InfoSec 2016 speech reinforces the industry wide need for more IT security skills to protect the data and finances of UK’s businesses. His focus on forming security partnerships as a long term solution, places the responsibility on the collective shoulders of business leaders to work together, improving security infrastructure. With these new partnerships in place, businesses will be able to develop the skills of security professionals, collectively strengthening the nation’s IT security.

How does this affect my business?

Businesses must make extra efforts to
protect their assets from cyber attacks -
Image courtesy of Sira Anamwong /
The frequency and sophistication of cyber attacks is increasing. Just last week MySpace were the victim of what could be the largest attack ever, breaching 427 million passwords. The implications of these hacks could have financial costs of many millions to MySpace. The need for all businesses to increase their IT security efforts, ensuring they don’t lose vast amounts of sensitive data and enormous sums of money, has never been higher. 

However, tightening IT security is a complex task. This need could not have come at a worse time as currently, there aren’t enough skilled cyber security professionals to meet demand. (ISC)2’s 2015 Global Information Security Workforce Study projects there will be a shortfall of 1.5 million unfilled roles in five years time.  This will make it difficult for the industry to implement the changes Lord Hague is anticipating. Therefore, in order to protect your business and build IT security partnerships, it is vital to develop the skills of your IT security professionals.

How do I ensure my business is protected?

Image courtesy of Jon Whiles /
Businesses need to take immediate action, starting with increasing their cyber security skills. Extra commitment is now coming from the government to support this. For example, an investment of £1.9 billion into cyber security was announced by the government back in November 2015. Much of the government money will be invested in the two new Cyber Security apprenticeships, Analyst and Technologist. This’ll give businesses funding to bring new professionals into IT security and boost their skills.  It will also give businesses opportunities to increase their investment in IT security training, improving the skills of established IT security professionals.

Improve the cyber security skills in your business

Outside of apprenticeships, there are certifications and training courses at every level of IT security, that can give your business the skills throughout every level of the organisation. For example, your team can get entry level courses like CompTIA’s Security+, which builds upon IT foundations. After five years of security experience, your team can progress onto courses like ISACA’s CISA or CISM courses, gaining the beginnings of specialisation into the technical or management areas of IT security. Once your team have developed their skills further and have more experience, they can get advanced skills with certifications like (ISC)2’s CISSP or CCSP. Alternatively, your team can specialise with EC-Council’s Certified Ethical Hacker.

Plus, Firebrand have now added five new cyber security courses that teach you the latest cyber security skills to protect your business:

Firebrand’s accelerated cyber security courses are the fastest way to improve and validate your specific security skills, before you’re hacked and facing enormous costs.

About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.

Monday, 29 February 2016

2016's Cyber Security skills gap

 By Sarah Morgan

The growing IT skills gap and its implications for the global economy is a known issue throughout the industry. It’s the net result of an industry outpacing the supply of professionals needed to facilitate employer demand, effectively stifling growth. Cyber security is an area within IT where the demand for professionals continues to grow. This is due to greater number and publicity of cyber-attacks on all businesses. If not addressed, implications could be serious with attacks likely to continue to grow in frequency and severity.

ISACA are makers of major security courses like the Certified Cybersecurity Practitioner CSX, CISA, CISM and CRISC, and they’ve recently produced an infographic that has revealed some interesting and eye-opening statistics. These statistics have come from surveys conducted by ISACA themselves, as well as IBM’s 2015 Cost of Data Breach Study, UK House of Lords Digital Skills Committee and more. As providers of certifications to cyber security professionals, ISACA are using these statistics to help close the gap where the crucial IT security skills are most needed, as well as increase awareness about the skills shortages. Below, is a breakdown of each stat highlighted by ISACA and their individual and collective implications on the IT industry. Make sure you check out the ISACA infographic at the bottom of the post.

The costs of the cyber security skills gap

In 2014, $1 billion worth of personally identifiable information (PII) was stolen. This means there have been many more stolen since, through 2015 and beyond. As large as this figure is, more unidentifiable records that cannot be traced are highly likely to have been stolen too. This marks a huge amount of money stolen from businesses and economies. On top of this, there are the costs beyond money, like the breach of a customer’s privacy. This type of cost can mean stolen passwords, accounts, addresses, phone numbers or credit card details. These damages can cause loss of personal finance, credit card fraud or even identity fraud. Combined, this shows how cyber security threats are heavily draining businesses and individuals. 

Unfortunately, the severity of these financial implications appears to be increasing. It is estimated $150 million will be the average cost of a data breach by 2020. This is roughly £107 million. The 2015 average in the UK was £1.46 million, more than doubling the 2014 figure of £600,000.This staggering figure, as well as the soaring increase, shows the need to increase security in all businesses, now. Technology and hacking techniques are continuing to advance and if your security is not sufficient and updated, you could be left vulnerable. The huge figure, as well as it’s meteoric rise, forces business managers to take company-wide action, rather than dumping the burden entirely onto IT departments.

97% of security professionals surveyed in ISACA’s 2015 APT study believe advanced persistent threats (APTs) represent a credible threat to national security and economic stability. These opinions come from knowledgeable professionals within the security industry, which is reason enough to take notice of this imminent and serious threat to our businesses and economy. Many businesses ignorantly and naively settle for sub-par IT security systems, but every business is a potential target and if you are not prepared, the consequences could be crippling.

The regularity of cyber security breaches

In the same ISACA survey, professionals from 1 in 4 organisations have experienced an APT attack. This shows the regularity of cyber attacks, as well as how widespread they now are. It’s also worth mentioning that 3 in 4 organisations also believe they will be targeted in the near future, again reiterating how every business needs to be aware and prepared for cyber attacks.

1 in 2 believe the IT security department is unaware of all of the organisations Internet of Things (IOT) devices and 74% believe the likelihood of an organisation being hacked through IOT devices is high or medium. In our increasingly connected world, there are connectivity capabilities on a staggering amount of devices, in our business and personal lives. All of these devices have the potential to become avenues that hackers can target to infiltrate a business. It is important for everyone in the company to be aware of the potential security risks, especially the IT department.

Image courtesy of pat138241 at

The need for cyber security professionals

2 million will be the number of cyber security professionals the industry will be short of by 2019. Numbers are often bandied about to estimate the number of cyber security professionals needed in the cyber security sector, and it’s difficult to determine the exact demand in the UK. However, it’s clear that 2 million reflects the trend in the current cyber security jobs market and is a worrying size considering the severity of threats. In the EMEA region, stats from (ISC)² estimate there will be 1.2 million cyber security roles that are constrained by a lack of supply in the industry. 

The growth of demand for cyber security professionals is 3x the growth of the overall IT jobs market. On top of this, when compared to the overall jobs market, that stat grows to 12x. Also, a study from US New and World Report states that demand for cyber security professionals is growing at a rate of 36.5% through to 2022. 

Looking slightly deeper in the cyber security jobs market, 64% of organisations believe just half or fewer of applicants for open security jobs are qualified. This highlights how the jobs market has become stagnant for employers due to the cyber security skills gap. At the bottom of this scale, many business are having to settle for candidates that aren’t good enough. A potential side effect is that professionals in the industry don’t have the skills to properly protect their business.

How can we develop more cyber security skills?

53% of organisations experience delays as long as 6 months to find qualified security candidates. This means it’s becoming more difficult, costly and time-consuming to find the right cyber security skills for employers to protect their business and assets. One avenue through which the skills gap can be closed is Apprenticeships. The UK government is heavily investing in cyber security, with Chancellor George Osbourne promising an extra £1.9 billion by 2020. Much of this investment will fund two new cyber security focused apprenticeships, the Cyber Security Professional and Cyber Security Analyst. Offered by Firebrand, these trailblazer apprenticeships are an excellent avenue to upskill staff, unrestricted by age limitations. 

89% of consumers believe it is important for organisations to have cyber security certified employees. Another side effect of cyber security gaining more attention, is consumers becoming more aware of its importance. Customers are recognising it’s vital for businesses to have certified cyber security professionals. By getting your security employees certified, not only will they learn and demonstrate more advanced skills, customers will recognise, value and appreciate the extra commitment to cyber security. This is another eye-opener to how important cyber security certifications are, and from a source you probably didn’t expect.

77% of women said that no teacher or careers advisor mentioned cyber security as a career – for men it’s 67%. The lack of women in IT has been a trend for much longer than the cyber security skills gap. It’s clear that the cause of this goes far deeper into society and change starts with giving children the opportunity and encouragement to get valuable IT skills at an early age. The 67% figure for men, shows the problem is not unique to women. The root of the issue is that IT security is not taught in the school curriculum. This causes children, and their teachers too, to be unaware that cyber security is a career choice – one with excellent prospects. 

What’s the solution?

The first step to help close the cyber security skills gap, is for government and business leaders to realise the dangers that the skills gap presents. Thankfully, this is starting to happen. Back in November 2015 Chancellor George Osbourne announced that the UK government was planning to invest £1.9 billion into cyber security. This type of commitment needs to continue, with business leaders and managers investing in cyber security training. This is important to give cyber security professionals the skills they need to properly protect businesses from cyber attacks. If these skills are in place throughout the UK, attacks will be prevented and the numbers reduced.

Also, the structure of education around cyber security needs to change. If the government were to introduce cyber security as part of the curriculum, it would encourage more children to choose cyber security careers. The government must continue to increase their investment into cyber security apprenticeships. This would encourage more young people and businesses to undertake apprenticeships, developing skills and successful cyber security careers. Finally, general awareness needs to increase around cyber security. This would help people take more steps to help prevent cyber attacks. These actions would change the culture of dusting cyber security under the carpet, and getting more skilled cyber security professionals into the industry to protect our businesses and economy.

About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Wednesday, 2 July 2014

Top 4 reasons you need the CompTIA A+ Certification


Are you struggling to get your first job in IT? It can be difficult proving your skills to employers as a young person or professional who is currently retraining. 

Luckily, the entry level CompTIA A+ certification overcomes this issue and is one of the best starting points for a career in IT.

As a non-profit trade association, CompTIA has become a leading voice for the technology ecosystem, investing millions to empower ICT companies and professionals worldwide.  They possess worldwide renown and gaining a CompTIA certification identifies you as a qualified and knowledgeable professional. 

'An introduction to the A+ by CompTIA'

And here's why you need it...

1. The IT Skills Gap

Organisations in the UK are struggling to find qualified IT professionals. It’s known as the IT Skills Gap and has even found its way into Parliamentary discussion, with Ed Miliband stating the IT industry is being ‘let down’ by the shortage. The gap is huge with potentially 700,000 unfilled IT vacancies across the EU by 2015. It’s also widely believed to be strangling the UK’s economy and is only expected to widen with the unstoppable proliferation of technology.  

Skilled IT professionals are a valuable commodity. Get qualified and find a job in a sellers market where you are in urgent demand. 

2. It's Industry recognised

It’s  a requirement for Microsoft engineers and Dell, Intel and Lenovo service techs and is recognised by the U.S Dept of Defense. Developed directly by CompTIA and backed by major computer hardware and software vendors, it reflects the type of skills needed to excel in the role of a computer support professional.

For an employer, the CompTIA A+ is a clear demonstration of your knowledge, skills and commitment to a career within IT.

Image courtesy of Grafixar / morgeFile

3. A defined career path

A CompTIA A+ could be the key to your first job in IT. With such a strong fundamental certificate you can move onto more specialised certifications like Network+ and Security+ which focus on networking and IT security respectively. With these certs you can apply for roles like Network Security Engineer (£48,000 PA) and Network administrator (£40,000 PA).

What’s more, the CompTIA A+ certification can be used to qualify as a pre-requisite for Microsoft’s MCSA and MCSE certifications. 

4. It’s vendor neutral

A vendor neutral certification benefits those looking to break into the IT industry. Vendor neutral certs give individuals the benefits of learning on a broader scale which is exactly what you want from an entry level qualification. 

     5. You can get it done in just 4 days (The secret Firebrand reason)

It is recommended that you have experience in building computers, are familiar with windows operating systems and understand basic home networks before you begin your CompTIA A+ certification. If so, you could get certified and begin your IT career within a week.

If you don’t have recommended experience, it won’t take long to get up to speed and prepare yourself for the CompTIA A+ exams. Firebrand pre-ship study materials for you preparation to ensure you can get up to speed before you even begin your course.
Get certified with Firebrand and you can complete your CompTIA A+ in just 4 days.

About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.