We’re rounding up some of the biggest cyber security stories of the past few weeks. In July, a government report highlighted the continued skills gap in cyber security, British organisations have played a crucial part in digital resilience, firms were warned to be cautious of growing threats and the NCSC published new risk mitigation measures to help businesses deal with cyber crime.
UK cyber security skills gap remains significant
Half (50 per cent) of all UK businesses suffer from a basic cyber security skills gap, according to the government’s Cyber Security Skills in the UK Labour Market 2023 report.
This represents little movement from last year’s report, in which the figure stood at 51 per cent. Findings also showed that one-third of organisations have an advanced skills gap, while the shortfall of professionals has fallen from over 14,000 in 2022 to 11,200 employees this year.
Positively, the number of students graduating from cyber security courses has grown 19 per cent year-on-year. 2022 saw a cohort of 4,400 new professionals, partly due to the government’s Upskill in Cyber programme.
UK businesses crucial in preventing cyber crime
British organisations reported over 7 million suspicious emails and websites in 2022, according to a recent National Cyber Security Centre (NCSC) report.
Equating to one potential scam every five seconds in 2022, the NCSC has described UK businesses and citizens as part of a “whole-of-society” approach to cyber crime, helping to prevent millions of attacks.
Jonathan Ellison, NCSC director for national resilience and future technology, commented: “As this latest report shows, cyber security is not the sole preserve of tech specialists. Businesses are increasingly alive and eager to engage with the cyber risks they face.”
Organisations urged to beware of ‘hackers for hire’
The demand for malicious hackers is set to increase, warned the NCSC in a recent report, published to coincide with the CyberUK conference in Belfast. Cyber security experts are warned to prepare for a rise in spyware and other hacking tools.
The assessment forecasted threats not only to become more common, but also far less predictable as cyber criminals develop new methods and implement additional off-the-shelf products.
Across the last decade, more than 80 nations have acquired cyber intrusion software, with some states “almost certainly having irresponsibly used this” to develop the ability to spy and hack online.
New techniques in NCSC risk management toolbox
The NCSC has revised its risk management guidance to help organisations mitigate cyber risks. The new toolbox features an additional three sections, including an eight-step framework to help users understand what a good approach looks like for their organisation.
A basic assessment and management method has been integrated into the guidelines, which acts as a similar method to component-driven approaches recommended by the International Standards Organisation and the National Institute of Standards and Technology.