The Department for Science, Innovation and Technology has published a new report that investigates the level of cyber security skills in the UK, including the public sector.
In the Cyber security skills in the UK labour market 2023 report, which was researched by Ipsos, it was discovered that there is a significant skills gap across the public sector. One of the causes of this is the tight budgets that many organisations are under.
One contributor to the research spoke about the impact that funding is having, and is quoted in the document as saying:
“At the moment, we’re not getting funding streams through to do what we’re doing… Budgetary constraints are incredibly ferocious at the moment. Cybersecurity is a 24/7 problem. And we’re not paid to do that. So, everything’s been done on kind of grace and favour and best endeavours outside of hours.”
Alongside funding limitations holding back the cyber security of public sector organisations, there are also struggles around defining career pathways into public sector cyber security. The research suggested that this could be down to a lack of available roles, but it did also suggest that funding could be a contributing factor.
Another contributor, working for a public sector organisation with 1,000 or more employees, told the report:
“There are currently no defined career pathways. The council won’t contribute to the costs. We currently are offering no career pathways in cyber roles and cannot offer any apprenticeships. You are expected to have the knowledge or experience already and, if a role becomes available, then to apply for this role.”
Touching on the level of the skills gap that has opened up across the sector, the report stated that 30% of public bodies have an advanced skills gap, which is less than other sectors, however there is still concern about the capability of staff to keep systems secure. The research outlined how there is more scepticism surrounding staff using sufficiently strong passwords than in businesses, whilst 19% of respondents were also not confident in their organisation’s ability to write an incident response plan.
With the emphasis that is being placed on improving cyber security across the public sector, it would be believed that issues can be addressed before the gap widens. Seemingly, this could be rectified through increased funding and a more defined pathway for those wishing to embark on careers in public sector cyber security. More scope for apprenticeships, and a willingness to develop skills could see the gap close, especially with the noted increase in demand for cyber security professionals.