United Kingdom Businesses Security

UK Companies Facing Cyber Security Staff Shortage (theguardian.com) 52

Posted by msmash from the reality-check dept.
Bruce66423 writes: According to a recent survey of recruitment agencies, 81% expect a rise in demand for digital security staff, but only 16% saw that the demand would be met."

Resorting to 'neuro-diversity' [...] "We were originally plucking people from IT and bolting skills on but we changed our entire recruitment policy including targeting different kinds of people," said Rob Partridgeat BT Security. "One area we've looked at is neuro diversity. We know, for example, that some people with Asperger's are highly suited to cyber but don't always have good communication skills so we changed our approach to the way we source and interview candidates.

  • Pay people what they are worth! If you only offer people peanuts then you aren't going to get a warm reception.

    • you need a stable, well funded working class to have children and an education system to train them. Those things are really, really pricey. On the other hand in a dog eat dog economy some folks are bound to make it through sheer force of will, good genetics and dumb luck. Hence the relentless push to bring in labor from overseas. Let somebody else pay the costs to train the next generation of employees, both the economic (food, shelter, schools, etc) and social (e.g. that dog eat dog capitalism again).

  • Security has no ROI... (Score:1)

    by Anonymous Coward

    Posting AC. I worked with a developer who told me the following:

    "There is a reason why you don't find people interested in cyber security. Companies don't want them, because security has zero ROI."

    "After years in DevOps, I will happily have my code run as root or require admin rights on Windows, if it gets the job done. Security isn't something I will give a care about, ever. Mainly because if a company gets sued for my insecure code, their lawyers handle it. If I don't make my deliverables, I get fire

    • Re: (Score:2)

      by AHuxley ( 892839 )
      The only ROI is for the GCHQ, MI6/5. They take generations of skills and now offer good pay, advancement and housing. People like that have the backgrounds and paperwork to prove they are loyal to the UK.
      The private sector can use a lawyer like person to cover for many random workers globally with no loyalty to the UK.
      Why hire 50 people from the UK to work on a project who can pass UK security when 1 UK person can sign for the work of 49 low cost foreign workers?
      The paperwork is done to some needed lev

    • You want to know why people don't want to work in cyber security and why you can only get autists with zero interpersonal skills? Because anyone with interpersonal skills wouldn't stomach working in that field for long.

      If you come into a packed cafeteria and on a table there are two people sitting by themselves and they, too, don't even look at each other, you found internal audit and itsec. You're about as well liked as athlete's foot. And if your coworkers could shoot their boss who drives them from crunc

      • Re: (Score:2)

        by AHuxley ( 892839 )
        Re 'wouldn't stomach working in that field for long."
        The GCHQ had to study staff problems from the 1950-70's. It took the GCHQ two decades of intensive study to finally work out how to get and keep the best experts.

        A really good wage, nice location for living in UK and the best working conditions.

        The rate of sale of UK secrets to the Soviet Union and Russia also decreased with better wages and conditions. Troublesome activist union membership was reduced for the better too.
        Security and cyber sec
  • How much did the UK waste on computer education for all with its BBC Micro https://en.wikipedia.org/wiki/... [wikipedia.org], Dragon https://en.wikipedia.org/wiki/... [wikipedia.org] and other attempts at generational computer education?
    With so much money put into the early use of computers, generations should be computer ready by 2018?

    Did the education system discover that very average students stay very average even after using a computer for many years?

    That money could have been put into university math and CS. The very best coul

    • Re: (Score:2)

      by mikael ( 484 )

      You haven't heard of the company called ARM? The money invested by Acorn into the BBC Micro and the associated training programs, helped to develop ARM CPU architecture that went into mobile CPU's, GPU's and the entire ecosystem.

      https://en.wikipedia.org/wiki/... [wikipedia.org]

      "The Tube interface allowed Acorn to use BBC Micros with ARM CPUs as software development machines when creating the Acorn Archimedes. This resulted in the ARM development kit for the BBC Micro in 1986, priced at around £4000."

  • You must be at least this autistic to work here.

  • So what we have, cyber security experts missing. May be its a lot more profitable being illegal, work for yourself, not being judged for color of skin or sex to have some one else blame you for mistakes of others. On other side of scale: incompetent people trying to catch you, just one out of hundreds? IMHO risk might be very calculated here...

  • ...then you aren't really demanding anything. This is Econ 101.

    If demand isn't being met, it's not because you aren't willing to pay exorbitant rates, it's because you are legally prohibited from paying those rates to get what you want.

    What is legally preventing companies from hiring security professionals? The article doesn't say.

    Move on, folks. This is just propaganda to try to get the government to solve the private sector's problems at taxpayer expense!

  • People with IT skills don't interview well. Film at 11.

  • As soon as people wake up and realize that capability based security can fix all of this, "computer security professional" will be about in demand as much as "computer operator" or "system administrator". I wish these folks so employed a nice 10ish year ride until it's over.

    So the prophecy is written, again.

