Cyber security news roundup: June 2022

Published on: 30 Jun 2022

We're rounding up some of the biggest cyber security stories of the past few weeks. In June, new research highlighted the benefits of adding junior-level staff to cyber security teams, the scale of personal data breaches in the UK was revealed, and details of a new scheme to address the UK's cyber skills shortage were released.

New survey highlights importance of ongoing development for cyber security staff

Businesses looking to take on new cyber security personnel need to update their approaches to this area and focus more on professional development if continued skills shortages in the sector are to be overcome, a new report has warned.

Research by training provider (ISC)2 found that 91 per cent of hiring managers give entry and junior-level staff career development time during working hours. However, just 37 per cent say that entry-level practitioners are 'up to speed' within six months on the job, while half said it takes up to a year.

The research also noted that having more junior-level staff on board offers firms benefits including new perspectives, ideas, creativity, critical skills in new technologies and enthusiasm. Clar Rosso, chief executive of (ISC)2, said: "Successful hiring managers have learned recruiting entry and junior-level staff and investing in their professional development results in more resilient, sustainable cybersecurity teams."

Manufacturers warned of 'false sense of security' when it comes cyber defences

Firms in the manufacturing sector should be doing more to ensure they have the right cyber security defences in place, after new research revealed many businesses in this sector are overconfident in their ability to repel an attack.

The Financial Times polled 250 organisations in Europe and the US and found many firms reported a high level of confidence in their systems - with a third stating they had successfully defended against an attack. However the study revealed a large number of firms in the sector actually reported limited skill sets and preparations, which led the researchers to state many are suffering from a "false sense of security".

Overall, 40 per cent had experienced a cyber attack in the last 12 months. Of these, half said this has harmed their profits, while four in ten stated it has led to reputational damage as a result and a reduction in sales.

Average Brit 'impacted by four data breaches'

The average person in the UK has had their personal details compromised by data breaches four times since 2004, according to new research, making the nation one of the top ten worst countries in the world for data protection.

These figures come from cyber security company Surfshark, which estimated that people in the UK have lost over 777 million data points to cybercriminals in the last 18 years. Of these, around 80 per cent are passwords, while the UK has had 247.1 million breached accounts over the period.

This may indicate that the protections firms have in place to secure their user data are not as effective as many think. Agneska Sablovskaja, data researcher at Surfshark, said: "Considering that most European countries have robust cybersecurity measures in place, this comes as a surprise and calls for better personal data storing and management practices."

UK govt to support free cyber upskilling programme

A new government-backed programme to tackle the shortage of cyber security skills in the UK by offering workers free training courses is to get under way next month.

The Upskill in Cyber initiative will offer participants two free SANS training courses, as well as  soft skills development and opportunities to network with potential employers. Those who complete the course will receive two industry-recognised certifications - GIAC Foundational Cyber Security Technologies (GFACT) and GIAC Security Essentials Certification (GSEC).

Running from July 4th to 9th September, the intensive ten-week programme will offer participants who have no background in cyber security the skills they need to enter the sector. Those who pass the course may be suitable for roles in areas such as security advisory teams, incident response, or security operations centre analysis.