SlideShare une entreprise Scribd logo

Widening the cyber talent pool to address the skills gap

M
Martin Sivorn

The public sector faces twice the challenge of finding and retaining a cybersecurity workforce – it is impacted by the worldwide skills shortage, but cannot compete with the competitive salaries that the private sector can provide. To overcome this and to continue finding the necessary skills to protect vital public assets from cyber attack, the public sector will have to be creative and flexible in the ways it sources security talent.

Technologie
1  sur  36
Télécharger pour lire hors ligne
Martin Sivorn Head of Cyber Security
 Government Digital Service
 @_meem_
Widening the cyber talent pool to address the skills gap Martin Sivorn @_meem_ 

GDSMartin Sivorn @_meem_ 
 My last 5 years spent building cyber teams 20192012 Established dedicated cybersecurity team Security transformation Phase of near-continuous cybersecurity recruitment commences (UK/Asia) FT targeted by Syrian Electronic Army HACKd:LDN conference HACKd:APAC conference Cybersecurity becomes a board priority
GDS Sec Ops team HMG Services 2012 2018 GOV.UK Verify £ HMG Services Cyber Security £ Martin Sivorn @_meem_ 
 GDS security expanding remit
The problem(s) Martin Sivorn @_meem_ 

GDS Expanding attack surface Creative and sophisticated attacks Well established cyber-criminal economy Motivated & well-funded threat actors GDS The worsening threat Martin Sivorn @_meem_ 

GDS Incidents Breaches Large Small Unknown Total Large Small Unknown Total Accommodation (72) 40 296 32 368 31 292 15 338 Administrative (56) 7 15 11 33 5 12 1 18 Agriculture (11) 1 0 4 5 0 0 0 0 Construction (23) 2 11 10 23 0 5 5 10 Education (61) 42 26 224 292 30 15 56 101 Entertainment (71) 6 19 7,163 7,188 5 17 11 33 Financial (52) 74 74 450 598 39 52 55 146 Healthcare (62) 165 152 433 750 99 112 325 536 Information (51) 54 76 910 1,040 29 50 30 109 Public (92) 22,429 51 308 22,788 111 31 162 304 Public sector firmly in the firing line Verizon Data Breach Investigations Report (2018) Martin Sivorn @_meem_ 

GDS 69% say their cybersecurity teams are understaffed 58% have unfilled (open) cybersecurity positions 32% say it takes 6 months or more to fill cybersecurity jobs at their organisation 29% say fewer than one-quarter of job candidates are qualified for the cybersecurity position they applied Wanted: qualified candidates Nearly 40% Say university graduates in cybersecurity are not prepared for the job challenges they’ll face Skills gap not shrinking Martin Sivorn @_meem_ 

GDS The reasons are many Women in cybersecurity is a dismal 7% in the UK Martin Sivorn @_meem_ 
 Under investment in training and education Technology is evolving faster than training Cyber threats escalating at an unprecedented rate
But it’s not all doom and gloom Martin Sivorn @_meem_ 

GDS Celebrating our progress in the past year Grown by 25 Increase from 6% to 35% Increase from 26% to 35% Team Gender Diversity Industry GDS 3-6 months per hire 7% female 12% * * 3 open roles had been unfilled for one year just prior to me joining Martin Sivorn @_meem_ 

Plugging the skills gap Martin Sivorn @_meem_ 

GDS Reduce demand on your specialists Effective recruitment Training and skills development Martin Sivorn @_meem_ 

Reduce demand on specialists Martin Sivorn @_meem_ 

GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 

GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 
 Automate manual steps and policy enforcement to reduce the need for human intervention
GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 
 Use actionable threat intelligence to inform thinking and support data-led decision making
GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 
 Actionable alerts and self-service tooling to directly enable people to be more secure locally
GDS Foster a collective security responsibility CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY Martin Sivorn @_meem_ 

GDS Outsource... appropriately outsource hire Martin Sivorn @_meem_ 

GDS Outsource... appropriately Martin Sivorn @_meem_ 
 Activities that align to your core business; one-time operations versus ongoing commitments Cost to manage versus business inflexibility of relinquishing control Use a systematic approach to vendor selection not just based on “cheapest wins”
Effective recruitment Martin Sivorn @_meem_ 

GDS Don’t ask for the moon Martin Sivorn @_meem_ 

GDS Increase the candidate pool Martin Sivorn @_meem_ 
 attract people from a wider and more diverse background set realistic expectations - some things are core, others can be learnt on the job create pathways across government and beyond engage with the community at conferences, events, and during recruitment
GDS The importance of a good job description Martin Sivorn @_meem_ 

GDS The importance of a good job description Martin Sivorn @_meem_ 
 A bad job description discourages large groups of people. Avoid masculine-coded language, long lists of desirable skills, and specific formal education or training (in a field with no clear standard)
GDS Corporate culture and our values Flexible working Importance and purpose of work Sell your benefits to the candidate £ Martin Sivorn @_meem_ 

GDS Prioritise recruitment xx Roles advertised CV sifting Interviews commence Role offered As time goes by… Martin Sivorn @_meem_ 
 You Candidate
Training and skills development Martin Sivorn @_meem_ 

GDS Training and development ● Have a plan to get people up to speed - 4 in 5 organisations say they can’t recruit suitably qualified staff ● The skills you need tomorrow aren’t necessarily the same as you need today ● Suitable people may already be in your organisation Martin Sivorn @_meem_ 

GDS Things that work for us ● firebreak projects every quarter to encourage new innovation ● Internal CTFs, pairing and knowledge sharing ● Everybody rotates into our SOC and incident response team to stay sharp Martin Sivorn @_meem_ 

What government is doing Martin Sivorn @_meem_ 

GDS Other government initiatives ● Cyber apprenticeships scheme ● Independent UK Cyber Security Council ● NCSC’s Cyber Schools Hubs programme in England ● CyberFirst Bursary Scheme ● Cyber Security Body of Knowledge (CyBOK) ● Centres for Doctoral Training in Cyber Security ● Cyber Discovery programme ● Cyber Girls First Martin Sivorn @_meem_ 

Summary Martin Sivorn @_meem_ 

GDS Summary ● Technology won’t solve all your problems but it can vastly improve the situation ● Outsource appropriately using a systematic approach not solely based on cost ● Reach out to the other half of society in your recruitment campaigns ● Tap into security expertise across government
 #xgov-security Martin Sivorn @_meem_ 

Martin Sivorn
 Thank you! @_meem_ https://www.linkedin.com/in/msivorn

Recommandé

State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018Accenture Australia
 
Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare Accenture Security
 
2018 State of Cyber Resilience Report - Ireland
2018 State of Cyber Resilience Report - Ireland2018 State of Cyber Resilience Report - Ireland
2018 State of Cyber Resilience Report - IrelandAccenture Security
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilienceaccenture
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilienceaccenture
 
Security Awareness Training is broken.
Security Awareness Training is broken. Security Awareness Training is broken.
Security Awareness Training is broken. Zach(ary) Eikenberry
 
Tina Wung - Driving Innovation Transformation from Within
Tina Wung - Driving Innovation Transformation from WithinTina Wung - Driving Innovation Transformation from Within
Tina Wung - Driving Innovation Transformation from WithinJulia Grosman
 
Novum insights client deck december 2016
Novum insights client deck december 2016Novum insights client deck december 2016
Novum insights client deck december 2016Bokyung Park
 

Recommandé

State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018State of Cyber Resilience In Australia 2018
State of Cyber Resilience In Australia 2018Accenture Australia
 
Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare Third Annual State of Cyber Resilience SlideShare
Third Annual State of Cyber Resilience SlideShare Accenture Security
 
2018 State of Cyber Resilience Report - Ireland
2018 State of Cyber Resilience Report - Ireland2018 State of Cyber Resilience Report - Ireland
2018 State of Cyber Resilience Report - IrelandAccenture Security
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilienceaccenture
 
Accenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber ResilienceAccenture Security CG&S Cyber Resilience
Accenture Security CG&S Cyber Resilienceaccenture
 
Security Awareness Training is broken.
Security Awareness Training is broken. Security Awareness Training is broken.
Security Awareness Training is broken. Zach(ary) Eikenberry
 
Tina Wung - Driving Innovation Transformation from Within
Tina Wung - Driving Innovation Transformation from WithinTina Wung - Driving Innovation Transformation from Within
Tina Wung - Driving Innovation Transformation from WithinJulia Grosman
 
Novum insights client deck december 2016
Novum insights client deck december 2016Novum insights client deck december 2016
Novum insights client deck december 2016Bokyung Park
 
Novum insights client deck november 2016
Novum insights client deck november 2016Novum insights client deck november 2016
Novum insights client deck november 2016Bokyung Park
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internetaccenture
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilienceaccenture
 
2017 Cybersecurity Report
2017 Cybersecurity Report 2017 Cybersecurity Report
2017 Cybersecurity Report Scale Venture Partners
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internetaccenture
 
Homme+Machine : Réinventer Notre Manière de Travailler | Accenture
Homme+Machine : Réinventer Notre Manière de Travailler | AccentureHomme+Machine : Réinventer Notre Manière de Travailler | Accenture
Homme+Machine : Réinventer Notre Manière de Travailler | Accentureaccenture
 
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon Thompson
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon ThompsonLessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon Thompson
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon ThompsonSimon Thompson
 
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtable
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtableTC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtable
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtableChristinaElezaj
 
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...Simon Thompson
 
"DigIn 2018" Top 5 Key Takeaways
"DigIn 2018" Top 5 Key Takeaways"DigIn 2018" Top 5 Key Takeaways
"DigIn 2018" Top 5 Key TakeawaysAlec Coughlin
 
MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018Match-Maker Ventures
 
Cyber-attacks
Cyber-attacksCyber-attacks
Cyber-attacksThe Economist Media Businesses
 
IABC & RockDove Solutions - Crisis Preparedness in the Digital Era
IABC & RockDove Solutions - Crisis Preparedness in the Digital EraIABC & RockDove Solutions - Crisis Preparedness in the Digital Era
IABC & RockDove Solutions - Crisis Preparedness in the Digital EraRockDove Solutions
 
IDG 2020 Security Priorities Research
IDG 2020 Security Priorities ResearchIDG 2020 Security Priorities Research
IDG 2020 Security Priorities ResearchIDG
 
India's Leading Cyber Security Companies to Watch.pdf
India's Leading Cyber Security Companies to Watch.pdfIndia's Leading Cyber Security Companies to Watch.pdf
India's Leading Cyber Security Companies to Watch.pdfinsightssuccess2
 
About Coherent Cyber Education.pdf
About Coherent Cyber Education.pdfAbout Coherent Cyber Education.pdf
About Coherent Cyber Education.pdfSariMcCoy1
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexShivamSharma909
 
5 learnings from business and technology leaders
5 learnings from business and technology leaders5 learnings from business and technology leaders
5 learnings from business and technology leadersSpark Digital
 
About Coherent Cyber Education.pptx
About Coherent Cyber Education.pptxAbout Coherent Cyber Education.pptx
About Coherent Cyber Education.pptxSariMcCoy1
 
Solving the Cyber Security Skills Gap with DCMS
Solving the Cyber Security Skills Gap with DCMSSolving the Cyber Security Skills Gap with DCMS
Solving the Cyber Security Skills Gap with DCMSIpsos UK
 
World's Most Innovative Tech Companies 2023.pdf
World's Most Innovative Tech Companies 2023.pdfWorld's Most Innovative Tech Companies 2023.pdf
World's Most Innovative Tech Companies 2023.pdfInsightsSuccess4
 
Cybersecurity Talent : The Big Gap in Cyber Protection
Cybersecurity Talent : The Big Gap in Cyber ProtectionCybersecurity Talent : The Big Gap in Cyber Protection
Cybersecurity Talent : The Big Gap in Cyber ProtectionCapgemini
 

Contenu connexe

Tendances

Novum insights client deck november 2016
Novum insights client deck november 2016Novum insights client deck november 2016
Novum insights client deck november 2016Bokyung Park
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internetaccenture
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilienceaccenture
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internetaccenture
 
Homme+Machine : Réinventer Notre Manière de Travailler | Accenture
Homme+Machine : Réinventer Notre Manière de Travailler | AccentureHomme+Machine : Réinventer Notre Manière de Travailler | Accenture
Homme+Machine : Réinventer Notre Manière de Travailler | Accentureaccenture
 
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon Thompson
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon ThompsonLessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon Thompson
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon ThompsonSimon Thompson
 
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtable
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtableTC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtable
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtableChristinaElezaj
 
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...Simon Thompson
 
"DigIn 2018" Top 5 Key Takeaways
"DigIn 2018" Top 5 Key Takeaways"DigIn 2018" Top 5 Key Takeaways
"DigIn 2018" Top 5 Key TakeawaysAlec Coughlin
 

Tendances (10)

Novum insights client deck november 2016
Novum insights client deck november 2016Novum insights client deck november 2016
Novum insights client deck november 2016
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilience
 
2017 Cybersecurity Report
2017 Cybersecurity Report 2017 Cybersecurity Report
2017 Cybersecurity Report
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
 
Homme+Machine : Réinventer Notre Manière de Travailler | Accenture
Homme+Machine : Réinventer Notre Manière de Travailler | AccentureHomme+Machine : Réinventer Notre Manière de Travailler | Accenture
Homme+Machine : Réinventer Notre Manière de Travailler | Accenture
 
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon Thompson
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon ThompsonLessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon Thompson
Lessons from Learning (IntraTeam Conference, Copenhagen 2019) by Simon Thompson
 
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtable
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtableTC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtable
TC19 LEAD Tuesday - Meg Garlinghouse - Plus one-lead_roundtable
 
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...
Lessons from Learning: How to make an intranet more useful (Simon Thompson/In...
 
"DigIn 2018" Top 5 Key Takeaways
"DigIn 2018" Top 5 Key Takeaways"DigIn 2018" Top 5 Key Takeaways
"DigIn 2018" Top 5 Key Takeaways
 

Similaire à Widening the cyber talent pool to address the skills gap

MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018Match-Maker Ventures
 
IABC & RockDove Solutions - Crisis Preparedness in the Digital Era
IABC & RockDove Solutions - Crisis Preparedness in the Digital EraIABC & RockDove Solutions - Crisis Preparedness in the Digital Era
IABC & RockDove Solutions - Crisis Preparedness in the Digital EraRockDove Solutions
 
IDG 2020 Security Priorities Research
IDG 2020 Security Priorities ResearchIDG 2020 Security Priorities Research
IDG 2020 Security Priorities ResearchIDG
 
India's Leading Cyber Security Companies to Watch.pdf
India's Leading Cyber Security Companies to Watch.pdfIndia's Leading Cyber Security Companies to Watch.pdf
India's Leading Cyber Security Companies to Watch.pdfinsightssuccess2
 
About Coherent Cyber Education.pdf
About Coherent Cyber Education.pdfAbout Coherent Cyber Education.pdf
About Coherent Cyber Education.pdfSariMcCoy1
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexShivamSharma909
 
5 learnings from business and technology leaders
5 learnings from business and technology leaders5 learnings from business and technology leaders
5 learnings from business and technology leadersSpark Digital
 
About Coherent Cyber Education.pptx
About Coherent Cyber Education.pptxAbout Coherent Cyber Education.pptx
About Coherent Cyber Education.pptxSariMcCoy1
 
Solving the Cyber Security Skills Gap with DCMS
Solving the Cyber Security Skills Gap with DCMSSolving the Cyber Security Skills Gap with DCMS
Solving the Cyber Security Skills Gap with DCMSIpsos UK
 
World's Most Innovative Tech Companies 2023.pdf
World's Most Innovative Tech Companies 2023.pdfWorld's Most Innovative Tech Companies 2023.pdf
World's Most Innovative Tech Companies 2023.pdfInsightsSuccess4
 
Cybersecurity Talent : The Big Gap in Cyber Protection
Cybersecurity Talent : The Big Gap in Cyber ProtectionCybersecurity Talent : The Big Gap in Cyber Protection
Cybersecurity Talent : The Big Gap in Cyber ProtectionCapgemini
 
Internet of Things Consortium - IoT Day Webinar for Social Good
Internet of Things Consortium - IoT Day Webinar for Social GoodInternet of Things Consortium - IoT Day Webinar for Social Good
Internet of Things Consortium - IoT Day Webinar for Social Goodiotconsortium
 
Scott Neuman: The Social Business Imperative
Scott Neuman: The Social Business ImperativeScott Neuman: The Social Business Imperative
Scott Neuman: The Social Business ImperativeUnited Partners
 
Digital Skills A Primer
Digital Skills A PrimerDigital Skills A Primer
Digital Skills A Primerijtsrd
 
From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...
From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...
From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...Salesforce Finland
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBM
#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBM#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBM
#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBMIBM Sverige
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsPuneet Kukreja
 

Similaire à Widening the cyber talent pool to address the skills gap (20)

MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018MMV Webinar 3. Cybersecurity Perspectives. March 2018
MMV Webinar 3. Cybersecurity Perspectives. March 2018
 
Cyber-attacks
Cyber-attacksCyber-attacks
Cyber-attacks
 
IABC & RockDove Solutions - Crisis Preparedness in the Digital Era
IABC & RockDove Solutions - Crisis Preparedness in the Digital EraIABC & RockDove Solutions - Crisis Preparedness in the Digital Era
IABC & RockDove Solutions - Crisis Preparedness in the Digital Era
 
IDG 2020 Security Priorities Research
IDG 2020 Security Priorities ResearchIDG 2020 Security Priorities Research
IDG 2020 Security Priorities Research
 
India's Leading Cyber Security Companies to Watch.pdf
India's Leading Cyber Security Companies to Watch.pdfIndia's Leading Cyber Security Companies to Watch.pdf
India's Leading Cyber Security Companies to Watch.pdf
 
About Coherent Cyber Education.pdf
About Coherent Cyber Education.pdfAbout Coherent Cyber Education.pdf
About Coherent Cyber Education.pdf
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity index
 
5 learnings from business and technology leaders
5 learnings from business and technology leaders5 learnings from business and technology leaders
5 learnings from business and technology leaders
 
About Coherent Cyber Education.pptx
About Coherent Cyber Education.pptxAbout Coherent Cyber Education.pptx
About Coherent Cyber Education.pptx
 
Solving the Cyber Security Skills Gap with DCMS
Solving the Cyber Security Skills Gap with DCMSSolving the Cyber Security Skills Gap with DCMS
Solving the Cyber Security Skills Gap with DCMS
 
World's Most Innovative Tech Companies 2023.pdf
World's Most Innovative Tech Companies 2023.pdfWorld's Most Innovative Tech Companies 2023.pdf
World's Most Innovative Tech Companies 2023.pdf
 
Cybersecurity Talent : The Big Gap in Cyber Protection
Cybersecurity Talent : The Big Gap in Cyber ProtectionCybersecurity Talent : The Big Gap in Cyber Protection
Cybersecurity Talent : The Big Gap in Cyber Protection
 
Internet of Things Consortium - IoT Day Webinar for Social Good
Internet of Things Consortium - IoT Day Webinar for Social GoodInternet of Things Consortium - IoT Day Webinar for Social Good
Internet of Things Consortium - IoT Day Webinar for Social Good
 
Scott Neuman: The Social Business Imperative
Scott Neuman: The Social Business ImperativeScott Neuman: The Social Business Imperative
Scott Neuman: The Social Business Imperative
 
Digital Skills A Primer
Digital Skills A PrimerDigital Skills A Primer
Digital Skills A Primer
 
Quality Driven Digital Transformation
Quality Driven Digital Transformation Quality Driven Digital Transformation
Quality Driven Digital Transformation
 
From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...
From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...
From Defender to an Attacker, Lari Hämäläinen, Managing Partner, McKinsey Dig...
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
 
#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBM
#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBM#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBM
#ibmbpsse18 - Den svenska marknaden, Andreas Lundgren, CMO, IBM
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
 

Dernier

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 

Dernier (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 

Widening the cyber talent pool to address the skills gap

  • 1. Martin Sivorn Head of Cyber Security
 Government Digital Service
 @_meem_
  • 2. Widening the cyber talent pool to address the skills gap Martin Sivorn @_meem_ 

  • 3. GDSMartin Sivorn @_meem_ 
 My last 5 years spent building cyber teams 20192012 Established dedicated cybersecurity team Security transformation Phase of near-continuous cybersecurity recruitment commences (UK/Asia) FT targeted by Syrian Electronic Army HACKd:LDN conference HACKd:APAC conference Cybersecurity becomes a board priority
  • 4. GDS Sec Ops team HMG Services 2012 2018 GOV.UK Verify £ HMG Services Cyber Security £ Martin Sivorn @_meem_ 
 GDS security expanding remit
  • 6. GDS Expanding attack surface Creative and sophisticated attacks Well established cyber-criminal economy Motivated & well-funded threat actors GDS The worsening threat Martin Sivorn @_meem_ 

  • 7. GDS Incidents Breaches Large Small Unknown Total Large Small Unknown Total Accommodation (72) 40 296 32 368 31 292 15 338 Administrative (56) 7 15 11 33 5 12 1 18 Agriculture (11) 1 0 4 5 0 0 0 0 Construction (23) 2 11 10 23 0 5 5 10 Education (61) 42 26 224 292 30 15 56 101 Entertainment (71) 6 19 7,163 7,188 5 17 11 33 Financial (52) 74 74 450 598 39 52 55 146 Healthcare (62) 165 152 433 750 99 112 325 536 Information (51) 54 76 910 1,040 29 50 30 109 Public (92) 22,429 51 308 22,788 111 31 162 304 Public sector firmly in the firing line Verizon Data Breach Investigations Report (2018) Martin Sivorn @_meem_ 

  • 8. GDS 69% say their cybersecurity teams are understaffed 58% have unfilled (open) cybersecurity positions 32% say it takes 6 months or more to fill cybersecurity jobs at their organisation 29% say fewer than one-quarter of job candidates are qualified for the cybersecurity position they applied Wanted: qualified candidates Nearly 40% Say university graduates in cybersecurity are not prepared for the job challenges they’ll face Skills gap not shrinking Martin Sivorn @_meem_ 

  • 9. GDS The reasons are many Women in cybersecurity is a dismal 7% in the UK Martin Sivorn @_meem_ 
 Under investment in training and education Technology is evolving faster than training Cyber threats escalating at an unprecedented rate
  • 10. But it’s not all doom and gloom Martin Sivorn @_meem_ 

  • 11. GDS Celebrating our progress in the past year Grown by 25 Increase from 6% to 35% Increase from 26% to 35% Team Gender Diversity Industry GDS 3-6 months per hire 7% female 12% * * 3 open roles had been unfilled for one year just prior to me joining Martin Sivorn @_meem_ 

  • 12. Plugging the skills gap Martin Sivorn @_meem_ 

  • 13. GDS Reduce demand on your specialists Effective recruitment Training and skills development Martin Sivorn @_meem_ 

  • 15. GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 

  • 16. GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 
 Automate manual steps and policy enforcement to reduce the need for human intervention
  • 17. GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 
 Use actionable threat intelligence to inform thinking and support data-led decision making
  • 18. GDS Autonomous Intelligent Self-service Tech-engineered solutions Martin Sivorn @_meem_ 
 Actionable alerts and self-service tooling to directly enable people to be more secure locally
  • 19. GDS Foster a collective security responsibility CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY CYBER SECURITY Martin Sivorn @_meem_ 

  • 21. GDS Outsource... appropriately Martin Sivorn @_meem_ 
 Activities that align to your core business; one-time operations versus ongoing commitments Cost to manage versus business inflexibility of relinquishing control Use a systematic approach to vendor selection not just based on “cheapest wins”
  • 23. GDS Don’t ask for the moon Martin Sivorn @_meem_ 

  • 24. GDS Increase the candidate pool Martin Sivorn @_meem_ 
 attract people from a wider and more diverse background set realistic expectations - some things are core, others can be learnt on the job create pathways across government and beyond engage with the community at conferences, events, and during recruitment
  • 25. GDS The importance of a good job description Martin Sivorn @_meem_ 

  • 26. GDS The importance of a good job description Martin Sivorn @_meem_ 
 A bad job description discourages large groups of people. Avoid masculine-coded language, long lists of desirable skills, and specific formal education or training (in a field with no clear standard)
  • 27. GDS Corporate culture and our values Flexible working Importance and purpose of work Sell your benefits to the candidate £ Martin Sivorn @_meem_ 

  • 30. GDS Training and development ● Have a plan to get people up to speed - 4 in 5 organisations say they can’t recruit suitably qualified staff ● The skills you need tomorrow aren’t necessarily the same as you need today ● Suitable people may already be in your organisation Martin Sivorn @_meem_ 

  • 31. GDS Things that work for us ● firebreak projects every quarter to encourage new innovation ● Internal CTFs, pairing and knowledge sharing ● Everybody rotates into our SOC and incident response team to stay sharp Martin Sivorn @_meem_ 

  • 32. What government is doing Martin Sivorn @_meem_ 

  • 33. GDS Other government initiatives ● Cyber apprenticeships scheme ● Independent UK Cyber Security Council ● NCSC’s Cyber Schools Hubs programme in England ● CyberFirst Bursary Scheme ● Cyber Security Body of Knowledge (CyBOK) ● Centres for Doctoral Training in Cyber Security ● Cyber Discovery programme ● Cyber Girls First Martin Sivorn @_meem_ 

  • 35. GDS Summary ● Technology won’t solve all your problems but it can vastly improve the situation ● Outsource appropriately using a systematic approach not solely based on cost ● Reach out to the other half of society in your recruitment campaigns ● Tap into security expertise across government
 #xgov-security Martin Sivorn @_meem_