The face of cyber security is undergoing a profound shift. In February this year, the UK government introduced a funding initiative, called The Cyber Skills Immediate Impact Fund, which aspires to bring big changes to the sector. The Immediate Impact Fund aims to develop and diversify the industry and bring organisations up to speed with the latest breakthroughs in data protection.
Primarily, the Fund is aimed at increasing the number of women and neuro-diverse professionals in the cyber security industry. These demographics are currently underrepresented in the field – in fact, a 2015 study found that women made up just 10 per cent of the global security workforce. The pilot scheme offers up to £50,000 to organisations willing to train employees. This is part of a bid to create a sustainable cohort of UK cyber experts.
Despite the focus on boosting women and neuro-diverse candidates, the application for cyber security funding itself is open to all demographics, and supports businesses, charities and public services to improve their own cyber security strategies.
In order to benefit from cyber security funding, businesses must be prepared to train candidates for a career in the industry within six months of the award being given. Gov UK explains,
“the Fund will incentivise a range of organisations develop, scale up, or refocus cyber security training initiatives.”
This could involve anything from recruitment drives, to training courses, to investing in security services and software.
As one CTO, Andy Kays, told The New Statesman:
“Too many organisations seem to think that their cyber security problems can be solved with technology, and while utilising the latest tools is important, there is no replacement for well-trained staff and the expertise of experienced cybersecurity professionals.”
This scheme is founded on the belief that, despite the breadth of technological threat in cyber security, trained professionals are the greatest resource in preventing data breaches. The key to this is, of course, education – so organisations will not only be required to train cyber security officials, they will need to maintain a culture of connectivity, requiring employees to keep up-to-date with the latest cyber security news and protection opportunities.
Many times, we have discussed how uninformed employees present the biggest risk to business cyber security. The logic follows, then, that informed security experts are the best asset any organisation can have at their disposal. We can expect this push for security-trained individuals – particularly the diversification of employees from different backgrounds – to create a thriving culture of security innovation across the board, with a plethora of new ideas and perspectives driving the future of cyber security.
What is clearer than ever is that security illiteracy is no longer an option for any company.
New Commonwealth cyber security funding
The Immediate Impact Fund is not the only type of cyber security funding to have come into play this year. Following the recent investigation into alleged state-sponsored hacking from Russia, nations across the Commonwealth will cosign what is soon to be the world’s largest cyber declaration. This £15 million cyber security pact will see leaders of the 53 nations of the Commonwealth commit to cooperate in combatting cyber crime.
The Independent explains that the pledge intends to
“combat criminals and hostile actors engaged in potentially devastating cyber attacks, and to support smaller nations to raise their security standards by 2020.”
The basis of this international approach is that cyber crime is a risk not combined to national borders. The UK government hopes that supporting other countries to improve their ‘cyber resilience’ will prevent hostile state actors or independent hackers from attacking nations such as the UK itself.
As Computer Weekly points out,
“The Commonwealth Cyber Declaration sets out, for the first time, a common vision for ensuring the internet remains free and open across the Commonwealth.”
The primary impact will be a more integrated strategy against cyber crime across the global sphere. If all countries are able to access the resources and information necessary to uphold the security of their networks, there will be far fewer weak points in cross-border networks for hackers to target.
This continues on from GDPR, which will establish one set of regulations for all data storing and processing organisations across Europe from May 2018. As with GDPR, the Commonwealth Cyber Declaration attempts to streamline the detection and reporting process for data breaches, as well as better-equipping organisations to protect their own – and their clients’ – personal data.
This is of paramount importance for law firms working on cases that so often involve cross-border issues, or legal enterprises that employ remote workers or internationally-based services. To find out more about how we can help you make the most of these new opportunities and better protect your law firm’s cyber security, contact us today on 020 3355 7334.