This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Fixing the security skills gap is 'in every organisation's best interest'

Share this article:
Fixing the security skills gap is 'in every organisation's best interest'
Fixing the security skills gap is 'in every organisation's best interest'

The skills gap will not be solved in the near future while security is not a national topic.

Asked if employees come in with the right information skills, Amar Singh, News International CISO and chair of the London Chapter security group of ISACA, told SC Magazine that there is a gap that needs to be filled.

Recently, a number of computer science students at the University of Surrey claimed that there was more value in real world experience than qualifications. Singh said that there was a general IT gap, as his children can only use Microsoft Word and no one was talking about programming now.

“I cannot find a solution for this and I want to see 11-14-year-olds learn about information security, I am not sure where the barriers are,” he said.

“I want to use the ISACA initiative to try and bring information security and technology to as many people as possible. It is in every organisation's best interest.”

However he said that people are so fixated on being technical that they lose sight of social and business skills, especially in being able to talk to management – so there was a need for ‘hybrid' people.

Research released last week by the National IT Skills Academy found that only seven per cent of information security professionals are aged between 20 and 29, and there was a need to attract more young talent into the industry by creating additional entry routes such as apprenticeships and signposting to relevant training more clearly.

Its research, carried out by e-skills UK in partnership with Alderbridge Consulting, showed a need for better entry routes into security-specific careers, with nearly a third of professionals progressing to their current positions from general IT or non-IT roles.

Asked if he felt that skills as a CISO were interchangeable, Singh said that while he was not "married to one particular sector", he could apply them other businesses and a security professional should be able to do that.

He said that employees should have a "bit of understanding of how the business works" and all skills can be applied across any sector, but it was not dependant on technology.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...

'Sophisticated' Chinese hackers launched attacks against 43,000 computer systems

'Sophisticated' Chinese hackers launched attacks against 43,000 computer ...

A new report reveals that a Chinese cyber-espionage group is closely affiliated with government and carried out attacks against the likes of Fortune 500 companies and government agencies.