Concern over SME cyber security skills gap

THE boss of the region’s leading Internet security provider has raised concerns over the ability of small firms to cope with the growing problem of cyber attacks.

Rob Cotton, chief executive of listed NCC Group spoke out after research by the Institution of Engineering and Technology showed the issue is given priority by only a small proportion of SMEs.

The IET surveyed 250 Small to Medium Enterprises (SMEs) to gain insight into current cyber trends. The survey found that only 14% said cyber security threats were their highest priority and felt they had sufficient skills and resources in place to manage the threat.

Less than a third, 30%, felt they had sufficient protection against potential threats to software embedded in their products.
 
Mr Cotton said: “There’s no question that there’s a massive cyber security skills gap in the UK. Small businesses don’t have the necessary knowledge and capabilities. They can’t protect themselves.  

“In the short term they need to bridge the gap, and that comes through working with trusted security providers. Organisations such as CREST provide accreditation for information security firms that have passed rigorous assessments, and these work to keep standards within the industry high.  

“In the long term it’s going to require a more integrated effort, and that includes education. Cyber skills needs to be built into mainstream IT courses so that it comes naturally for future generations.

“At the moment we’re left playing catch up, and it’s a losing battle.”

The IET is running a campaign to raise awareness of the issue. It is also leading a scheme to develop sponsorship for cyber security MSc courses at selected UK universities.