back to article UK doesn't have the SKILLS to save itself from cyber threats

The National Audit Office (NAO) has published a report announcing that the UK doesn't have enough skilled workers to protect it against online attacks and asking Blighty's schoolkids to step into the breach. The number of cyber security professionals in the UK has not increased in line with internet growth, according to the …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Out of work oap

    Over 30 aspie, unemployable due to social skills, wants job in cyber security. Instead spends time tinkering with perl/python/shellcode/payloads/metasploit interpreter/gcc/tor/etc to exploit government websites and defacing complaining about unemployment.

    Hobbies: Phishing

    1. Destroy All Monsters Silver badge

      Re: Out of work oap

      That skillset will positively ROLL OVER anything in my office right now.

    2. Anonymous Coward
      Anonymous Coward

      You need to read this ...

      "Office Politics: How to Thrive in a World of Lying, Backstabbing and Dirty Tricks"

    3. Flywheel

      Re: Out of work oap

      Hobbies: Phishing

      By JR Hartley?

      1. Will Godfrey Silver badge

        Re: Out of work oap

        Yes. You owe me one :)

    4. Yet Another Anonymous coward Silver badge

      Re: Out of work oap

      Sorry you fail the vetting because you have a police caution for hacking the school's admin system when you were 11

  2. Anonymous Coward
    Anonymous Coward

    We do have the skills

    Just not the people working in the I.T. sector - presumably because the jobs have been outsourced as part of the governments ham fisted handling of the economy.

    1. Callam McMillan

      Re: We do have the skills

      It's just that the skills aren't willing to work for £25k per year (Referring to the MI6 codebraking challenge the other year) when they can get several times that working in the private sector.

    2. Halfmad

      Re: We do have the skills

      IT security is an afterthought for most companies and although they have policies in place to allegedly keep employees in line it's rarely acted upon if they don't and most of it is lip service. The simple truth is that we need companies to start hiring IT security staff and backing it up with decisive action from HR departments when something is uncovered.

      It's ironic that you can be fired for stealing from your employer if what you've stolen is physical but far fewer people are fired for data theft or losing valuable/damaging data and even fewer are reported to the police or ICO.

      We have the skills in the UK, we just need companies and government organisations to start taking it seriously and giving departments with IT security staff in them some real power to make the changes necessary.

  3. Joe Harrison


    How many times a year does this story get rolled out. Of course the skills exist.

    1. Anonymous Coward
      Anonymous Coward

      Re: Boring

      All those people don't understand how to use recruiitment sites then. Have you tried recruiting cyber security bods?

      Anon, obviously

      1. Trevor_Pott Gold badge

        Re: Boring

        I have tried recruiting cyber security bods. The key to success is not insulting them with offers below $75K. They average $100K with any sort of experience.

        The problem isn't a lack of skills. It is a lack of people willing to work in the middle of a dense urban core (expensive!) for what - when you factor in cost of living - is poverty wages. Fuck HR, and thier government-funded surveys too.

        Which reminds me...what is the point of LinkedIn again? And really, who does it serve?

      2. Anonymous Coward
        Anonymous Coward

        Re: Boring

        Search for cyber AND security on jobserve. Oooooo... 6 whole jobs. Oooo 250 pounds per day as a contractor.

        Change the search to internet AND security. Oooh. 34 jobs. Massive demand. Oh, and that's a European wide search.

        What a bunch of lying shills.

  4. JimmyPage Silver badge

    Chickens coming home to roost

    so, totally debase science and technology teaching over a period of years. Allow and encourage a celeb-obsessed culture where the height of aspiration is to flash your bits on big brother. Ignore, and belittle scientists and experts in favour of political expediency.

    And THEN act surprised we're not keeping up in the read world.

    Well, colour me surprised.

    1. Yet Another Anonymous coward Silver badge

      Re: Chickens coming home to roost

      And you have a civil service recruitment process that considers "diversity" to mean you invite old chums from both Oxford AND Cambridge to suggest any suitable chaps

  5. Captain Hogwash

    "...taking evidence from homeopaths"

    Isn't that what the current Health Secretary DOES think we should be doing?

    1. Brewster's Angle Grinder Silver badge

      Re: "...taking evidence from homeopaths"

      Try the heir to the throne.

  6. Flywheel

    It's no problem!

    We'll just outsource our security surveillance to India and China! Just like we do everything else..

    1. Anonymous Coward
      Anonymous Coward

      Re: It's no problem!

      We'll just outsource our security surveillance to India and China

      Why? Google is already doing that..

  7. 0laf

    Get a degree in hard science and then get paid a pittance for highly skilled work on short term contracts only so mortgages are impossible to get. Get a PhD to get paid another couple of grand.

    That was the case when I graduated nearly 15yr ago and I can only imagine things are even worse now. Science graduates were paid less than Tesco's checkout operators.

    1. Anonymous Coward
      Anonymous Coward


      I hear you brother *clenches fist, beats chest, raises arm* fight the system, Sci-power!

      Scientists are not respected in the UK (aside from Dr. S. Singh and Libel laws...) Take Diamond Light Source, the UK's foremost central research facility. Scientist Positions, "40hr week", minimum 5 years experience in similar role elsewhere, expected on call duties, 32k. (postdocs get more than that abroad...)

      1. tonysmith

        Re: *nods*

        Last I herd from a French person was that in France if you have qualification xyz then you must be paid at least a certain amount.

        If I remember correctly that French person also said if you cannot find employment at that rate they pay you your job seekers at that rate (I may have mis-heard that part)

    2. This post has been deleted by its author

  8. Keep Refrigerated

    A very informative cyber-article

    Geez, maybe they should stop prefixing cyber- to everything and then at least one hurdle to recruitment would be eliminated, namely the embarrassment factor.

    It's like someone advertising themselves as "Dad's Dance Club for Girls". it's just cyber-wrong.

  9. This post has been deleted by its author

  10. JimmyPage Silver badge

    A true story

    I may have told before ...

    Back in 2009, my lad was due to chose his GCSE choices. The school held an open evening and 3 local universities all gave a presentation on why kids should aspire to go to university (and thus the choices they should consider).

    One chap told us of a student that had graduated in 2007, that had moved to America with her company, and was earning over £40,000 a year. Her company ? Chase Manhattan. Her course ? "Politics and history". Not a doctor. Not an engineer. No cure for cancer from her. No solution to the world energy or hunger crisis from her.

    The fact that she was the aspiration this odious smarmy little shit chose to parade in front of 14 year old kids tells me exactly why things are the way they are.

    1. John Smith 19 Gold badge

      Re: A true story

      ""Politics and history""

      Read that as Politics with Philosophy and Economics.

      Popular with high ranking spooks Intelligence civil servants.

      No. They have no idea about cyber security either.

      1. Anonymous Coward
        Anonymous Coward

        Re: A true story

        well, it's immaterial, since she fucked of to the US, to pay their taxes.

  11. Magnus_Pym

    New headline

    - UK Gov doesn't want to pay for skills to save itself from cyber threats -

    1. Arrrggghh-otron

      Re: New headline

      £650m and £8m to Universities?

      How much of that actually made it to lowering the barriers to entry in actually getting an education in '"Cyber" security? Given that Uni courses cost £9k a year now, why would you take an expensive course that is only going to garner pay in the low £20k range?

      Perhaps some of that could be put towards paying some serious names from the industry to offer a nationwide on-line "Cyber" security course with a nationally recognised qualification for free (or a token amount to sit the exam). I for one would sign up to that.

  12. Lloyd
    Thumb Down

    It's odd

    but I now know lots of IT experts who have been forced to move abroad due to not being able to find work (one mate was willing to drop from £110k to £45k) but still couldn't find anyone to pay that so is now earning an absolute shedload outside of the EU. This is a no brainer, they can find the staff if they're willing to pay them, but they're not, so they outsource or import and then make up disingenuous articles like this to cover their arses.

  13. Anonymous Coward

    Schools prevent students from exploring, government limits free speech

    As the title suggests, schools fsck the chances of kids who are naturally good with this sort of thing. Seriously, teachers soil their pants at the idea of a kid that can do things they can't. As a now 22 year old who left the school system early (and is now taking a degree very late...), schools consist of ego tripping muppets that couldn't make anything of themselves who wish to impose their limitations upon innocent children who would otherwise enjoy learning.

    Also, Britain is pretty much the only country where security best practice documents are not publicly available for scrutiny. I double dare you to find me a legit public download link for the complete versions of all of the Good Practice Guides by CESG for example.

    If I want to however, I can go to the US NSA and get guides on how to secure IT infrastructure without even having to fill a form in. Yeah, I just said it.. The US are more open and transparent than the country that raised me...

  14. Anonymous Coward
    Anonymous Coward

    I have an idea

    When such a thing happens, and the red states are hacking our asses off (figuratively) why not put out a cable asking all skilled workers to volunteer their skills in thwarting the nefarious cyber crims?

    Oh hang on, that was actually a dream that I had, I got enlisted to make the coffee.

    Still, Hollywood? BBC? anyone wanna fund this film?

    1. JimmyPage Silver badge

      Re: I have an idea

      I pay enough fucking tax, thank you. I have no interest in doing the states job for free.

  15. Anonymous Coward
    Anonymous Coward

    The problem's already been solved.

    You asshats seem to have conveniently forgotten that a remedy has already been chosen and implemented! The UK has decided to ration electricity and de-industrialize so very soon the only network you people are going to use is sneaker net - and they won't be Nikes either because anyone who will be able to afford a pair of Nike running shoes will be running like hell to get the fuck out of UK as it finally takes its place among the poorest nations of the world.

    A computer can't be hacked if there's no electricity to run it.

    Problem solved!

    Good work, mates! Long live Soviet England!

    1. Anonymous Coward
      Anonymous Coward

      Re: The problem's already been solved.

      What are you wittering on about? Are you pretending to be English? Are you attempting to troll? If so, you've caught me but I'm afraid it was the random segue between odd subjects that attracted me rather than any outrage at your point. Did you, by the way, have a point?

  16. John Smith 19 Gold badge
    Big Brother

    " the government needs to get them while they’re young"

    And once spying on mastering the internet is up and running we'll know exactly who to get.

    Big brother needs you.

  17. J.G.Harston Silver badge

    The real problem is a shortage of employers willing to employ people who require an hour or so to get up to speed with the new job. If you aren't already doing a job that's exactly 100% identical to the advertised job, you're worse than scum.

  18. Anonymous Coward
    Anonymous Coward

    There are plenty of well-skilled cyber-security people in this country. You know who they are working for though? Private companies..

    That's because they pay them a decent wage, unlike the government that was wanting to pay less than what you could get in IT support for a job in London...

    Anybody remember that "hacking challenge" that was so abismal the answers were available online in a few hours...

  19. Dropper


    I'm sure there's a guy in some Asian country or other who'll do it for $10 / hr.. oh wait, you didn't want to outsource to the people you're trying to protect yourself from? Prolly should have thought of that before you sent the rest of our jobs there..

  20. Anonymous Coward
    Anonymous Coward

    I'm obviously doing security for the wrong private company :(

  21. tonysmith

    Doesn't matter

    Because we don't have aircraft carriers with aircraft for another decade or two and we've only got about 80,000 troops who are actually not here at the moment.

    They'd not need to cyber attack - they could just walk right in and take what they want. Most probably the only official opposition would be some guy from Group4 security on minimum wage (if that).

  22. Anonymous Coward
    Anonymous Coward

    Pure garbage

    I heard a chap talking about this on the BBc yesterday. The way it was described you would think that this field would now pay better than the banking sector in the good days. Double pay should be easy right?

    Show me the money.

    1. Destroy All Monsters Silver badge

      Re: Pure garbage

      Banking sector: Where a your high pay grade makes your manager rich

      Security sector: Where a your high pay grade makes a customer not poor

      The incentives are clear....

  23. amanfromMars 1 Silver badge

    Quizzing the System to Identify its Present Failed Protectors .... Suited Crooks and Useless Spooks

    There certainly are those with the not inconsiderable skills to secure and protect the UK in and from attacks launched from the CyberSpace sector, but the Catch 22 situation which they will always invariably find themselves in, in the beginning of their deliberations and communications, is that the necessary intelligence to understand what is missing in defences, is missing in those to whom they may have been talking or making initial contact about that which be missing, and exposing systemic vulnerabilities for exploitation with ruthless abandon, should the desire to be so cavalier, surface and be considered extremely attractive.

    Eventually, and that can come surprisingly quickly, may it be necessary for one to consider a live demonstration/leak of sensitive and destructive source code of a particularly peculiar and pernicious flaw in a global operating system of command and control to engage with enemy troops/elitist establishment troupers ….. and whenever of great value and overwhelming worth, would that most probably result in a truly fantastic and excessively generous paper bounty for consideration as either payment in the one extreme case or delivered as danegeld in the other.

    And to not imagine in this zeroday and virtual age, that so much real damage can be done by so little with virtual control of renegade memes, and it not be worth a packet, is to be part of the problem which has the wealthiest and supposedly most sophisticated of nations at the mercy of those and/or that which they would be paying/investing billions in, to protect them from their ignorance in a novel and highly disruptive and lucrative field of opportunity and endeavour ….. fabless discovery.

    After all, nowadays, what's a billion or two, whenever you own a printer or three?

    As an exercise here on El Reg, whom and/or what and where would commentators imagine be the leading point of contact to engage with, in the UKGBNI, with regard to securing the virtual intelligence and sensitive information space place. Who and or what decides on what is required and what is to be paid to whom for what and why?

    Not such an easy task whenever everyone hides in the shadows and seeks to avoid accountability and responsibility for failure.

    And that is as much as I wish to say, today, on the matter. Have a nice one, y'all.

  24. JaitcH

    UK doesn't have enough skilled workers to protect it against online attacks. Nor does the USA!

    The self-proclaimed 'world centre of technology', the USA, is exactly in the same position.

    If this were true, rank amateurs such as McKinnon wouldn't be be able to wander around the US data-banks looking for Site 51.

    And implementing Mad May's 'UK government in your pants' strategy is no answer, technology is fast overtaking government capabilities. And I hardly think students reared on Raspberry Pi processors will provide the immediate answer, it takes experienced hackers to fight experienced hackers.

    1. amanfromMars 1 Silver badge

      Re: UK doesn't have enough skilled workers to protect it against online attacks. Nor does the USA!

      And implementing Mad May's 'UK government in your pants' strategy is no answer, technology is fast overtaking government capabilities. And I hardly think students reared on Raspberry Pi processors will provide the immediate answer, it takes experienced hackers to fight experienced hackers. ... JaitcH Posted Wednesday 13th February 2013 12:52 GMT

      Methinks, JaitcH, even the slowest of minds active in the fields being regarded and commented upon in this thread and its hosting El Reg article will realise that a coalition of the ready, willing and able, will lead the intellectually challenged who think that governments are in charge of command and control, a merry dance and expose governments' failed methodologies to an increasingly curious and better educated masses, rather than doing battle and fighting amongst themselves.

      And such frauds and charlatans who would struggle in vain against the more intelligent of beings processing change, will have their very own Henry Ford moments to look forward to fear ...... "It is well enough that people of the nation do not understand our banking and monetary system, for if they did, I believe there would be a revolution before tomorrow morning."

      Indeed, there is much to suggest that such a novel and disruptively constructive state of internetional affairs has already taken place, and is an ongoing burgeoning process.

      cc Cheltenham Doughnut/PO Box 1300 SE1 1BD

  25. amanfromMars 1 Silver badge

    Need to Know Rules the Cyber Roost

    And this is a reality to consider is valid and would further add to the confusion and opportunity generated in the field, and would fully justify its magic fantastic worth in its knowledge being kept secret and unknown, as per any payment in a danegeld arrangement.

    One cannot defend against anything whenever one doesn't understand the method of attack, therefore, the only defenders worth a jot are those who can mount a successful assault, and whenever one is able to mount a series of those, remotely and relatively anonymously from virtual space, there is a duty of care to ensure that sensitive information shared regarding such matters as can be easily catastrophic, are shared with the right class of responsible being, fully cognizant of the likely punitive consequences of unauthorised disclosure, for the rest of one's natural, to other beings/nations/businesses/whatever.

    Step into that world of crazy worlds, only if you really know what you are doing and what everyone else in those worlds can do, for anything less will have you vulnerable to exploitation and defeat at any time of someone else's choosing.

    1. Alister

      Re: Need to Know Rules the Cyber Roost

      Can I just point out that two posts ago you said:

      And that is as much as I wish to say, today, on the matter. Have a nice one, y'all.

      Shut up, already...

  26. vahid

    chickens come home for roosting

    Sorry this needs to be pointed out - wasn't it a few years ago there were threats made that any person in the uk found attempting to use tools such as port scanners etc - would be locked up ?

    I mean you can not tell people not to do something then a few years later turn around and say we don't have any one with skills that can do such things....

    Middle management will be able to hold meetings and discuss the way forward

This topic is closed for new posts.

Other stories you might like