About a year ago, the UK’s National Audit Office put out a report that said the paucity of cybersecurity skills is tripping up the government’s progress in keeping up with the Cyber Security Strategy strategy, a security blueprint it put out in 2011.
Young people are dribbling out of computer science or ICT programs in schools and universities at a pathetically slow rate, the report said.
Furthermore, what few security pros the government has are being lured away by the sweet smell of big bucks wafting from the private sector.
According to the report, the whole country’s IT development is coasting by on the graces of a few handfuls of “highly skilled people”, and the pipeline of graduates and practitioners is down to such a trickle that it could take 20 years to address the skills gap at all levels of education.
So the government is going to start teaching children as young as 11 about careers in cybersecurity, it says.
The UK’s Department for Business, Innovation & Skills on Thursday released a report on the issue of the cybersecurity skills gap, announcing that it’s getting “special learning materials” into the hands of 11- to 14-year-olds.
It’s also planning cybersecurity apprenticeships, has plans to train teachers so they can pass on cybersecurity smarts to their students, and will get universities to boost their own teaching in the field.
Security internships will also be a part of the puzzle, to get students the work experience that employers need, the report says.
Universities and Science Minister David Willetts had this to say, as quoted in a press release about the report:
Today countries that can manage cyber security risks have a clear competitive advantage.
By ensuring cyber security is integral to education at all ages, we will help equip the UK with the professional and technical skills we need for long-term economic growth.
The plans are an outgrowth of the government mulling over these issues together with the employers who hire security people.
One of the explicit examples of how they will work is a plan to incorporate professional qualifications into degrees, as well as getting businesses involved in course design and embedding cybersecurity into software engineering and computing degrees.
Another idea they’ve had is support for a Massive Open Online Course (MOOC) to provide a mass audience with introductory training on cybersecurity.
They’re also trying to get advanced degrees that are security-centric, and they want to inject security into vocational training as well.
The government’s ambitions are well-grounded in a compelling need for more security skills.
Whether it finds the funds to pay for it all could make or break the skills pipeline, in the UK as in every other skills-strapped country.