As cyberattacks grow at an exponential rate, threatening entire infrastructures and targeting businesses, large and small, the demand for cybersecurity expertise is skyrocketing, writes Ellen Sundra, Chief Customer Officer, Forescout.

Yet the gap in cybersecurity skills continues to persist. There are simply not enough skilled professionals in these roles to meet the demand, especially when it comes to finding individuals with the OT and Industrial Control System (ICS) skills needed to defend critical resources.

Recruiting and retaining talent is a major issue, with demand continuing to outpace supply within the rapidly evolving cybersecurity space as it pre-empts and responds to increasingly sophisticated cyber-attacks. Furthermore, the number and types of cyber assets has exploded in recent years, the vast majority being IoT and OT, which aren’t designed to be supported using traditional IT methods, such as patching. Today, even the smallest of hardware or software developments can pose multi-faceted risk and challenges, further exacerbating the need to have the right skillset in place.

An ongoing talent shortage in cybersecurity

As for cybersecurity’s skills shortage, insight from over the years and current research all reflect the same outlook – it’s here to stay for the foreseeable future, with some referring to it as a crisis. According to the Government’s latest Cyber Security Skills in the UK Labour Market Report, there was an annual shortfall of 14,100 cybersecurity employees last year – 4,100 more than the previous year.

In terms of how this figure translates into everyday business operations, the same report revealed that 51% of businesses have basic cyber security skills gaps. For example, being capable of setting up configured firewalls, storing or transferring personal data and detecting and removing malware.

Meanwhile, 33% have more advanced skill gaps in areas such as penetration testing, forensic analysis, and security architecture. OT expertise falls into this more advanced category due to the need for cybersecurity professionals to not just safeguard but navigate their way around the many complexities posed by legacy systems, or out-dated equipment and software that no longer receives security updates. Scanning the systems can cause risks to operations and applying patches requires taking these systems offline for maintenance, which is not only expensive, but disruptive to critical operations.

More responsibility being put on fewer people

For existing cybersecurity teams, the impact of this talent shortage means growing workloads that can potentially lead to burnout. And for cybersecurity leaders, there’s the constant headache of having to find new talent, recruit, onboard, and crucially, retain employees.

Furthermore, research conducted by cybersecurity and IT security certifications and training provider, (ISC)², found that eight in ten organisations have suffered at least one breach caused by a lack of cybersecurity skills or awareness. Their research also revealed that 64% of global organisations had already experienced breaches that resulted in loss of revenue, recovery costs and/or fines.

With the impact of the skills gap being felt far and wide, cybersecurity leaders and teams are re-evaluating their existing processes and swiftly adopting new measures to secure the expertise they need to continue to operate. These measures include:

Automating cybersecurity tasks at scale

Automated cybersecurity enables Security Operation Centre (SOC) teams to enforce device compliance, reduce the attack surface and rapidly respond to incidents. It arms teams, applications and networks with the ability to respond immediately when risks and threats are identified. As a result, tasks that usually take multiple people hours to perform per asset can be completed in bulk or real-time, or on an interval basis.

Looking for existing talent and promoting internally

Organisations are starting to promote in-house staff with an OT background to security officers and architects. The advantage of this is that these employees already know the OT sites and the organisation’s way-of-working and will often collaborate with the IT security teams to implement larger projects.

Embracing external expertise

Some companies are leaning more heavily on external contractors to advise and build their ICS/OT security frameworks or run incident response/security operations. Seeing as the nature of this work can be lengthy, it’s an approach that’s recognised as being an effective way of helping free up in-house resource. It also means companies have access to the specific ICS/OT skills they need.

Partnering with Managed Service Providers (MSPs)

Given the growing market of data analysis and incident response solutions, the challenge lies in shifting from technology to management processes for efficient incident response. In turn, some organisations are leaning into sharing their SOC capabilities with MSPs to help bridge the skills shortage gap.

Adopting platform-based solutions

Managing multiple point solutions with minimal staff is a key factor in relation to organisations struggling to incorporate enterprise-wide cybersecurity. Shifting from standalone to platform-based solutions or tools that easily integrate with others is increasingly being recognised as the solution.

Upskilling the existing workforce

Upskilling existing employees into OT/ICS professionals is widely recognised as being beneficial in relation to retaining talent within companies, and the industry, and gaining access to skills sooner. Some organisations, including Forescout, have implemented dedicated training programmes that are designed to fast-track staff into more experienced or specialist roles.

The knock-on effect of the skills shortage will still be felt many years from now. But, there are measures that cybersecurity leaders can take to gain access to the skills they need whilst delivering on their responsibilities.

Although technological advancements can make organisations vulnerable they can also be leveraged to provide industry-first solutions, including addressing the present OT and ICS skills gap, as well as delivering wider benefits.

31octAll Day01novWomen in Tech Festival 2023

01novAll Day02Bletchley Park to Host AI Safety Summit | Bletchley Park

Event Details

Iconic Bletchley Park to host UK AI Safety Summit in early November

Release issued by: Department for Science, Innovation and Technology, Prime Minister’s Office, 10 Downing Street, Foreign, Commonwealth & Development Office, The Rt Hon Michelle Donelan MP, The Rt Hon Rishi Sunak MP, and The Rt Hon James Cleverly MP

Published 24 August 2023

UK to host world first summit on artificial intelligence safety in November
Talks will explore and build consensus on rapid, international action to guarantee safety and security at the frontier of AI technology
Bletchley Park, one of the birthplaces of computer science, to host the summit

International governments, leading AI companies and experts in research will unite for crucial talks in November on the safe development and use of frontier AI technology, as the UK Government announces Bletchley Park as the location for the UK summit.

The major global event will take place on the 1st and 2nd November to consider the risks of AI, especially at the frontier of development, and discuss how they can be mitigated through internationally coordinated action. Frontier AI models hold enormous potential to power economic growth, drive scientific progress and wider public benefits, while also posing potential safety risks if not developed responsibly.

To be hosted at Bletchley Park in Buckinghamshire, a significant location in the history of computer science development and once the home of British Enigma codebreaking – it will see coordinated action to agree a set of rapid, targeted measures for furthering safety in global AI use.

Preparations for the summit are already in full flow, with Matt Clifford and Jonathan Black recently appointed as the Prime Minister’s Representatives. Together they’ll spearhead talks and negotiations, as they rally leading AI nations and experts over the next three months to ensure the summit provides a platform for countries to work together on further developing a shared approach to agree the safety measures needed to mitigate the risks of AI.

Prime Minister Rishi Sunak said:

“The UK has long been home to the transformative technologies of the future, so there is no better place to host the first ever global AI safety summit than at Bletchley Park this November.

“To fully embrace the extraordinary opportunities of artificial intelligence, we must grip and tackle the risks to ensure it develops safely in the years ahead.

“With the combined strength of our international partners, thriving AI industry and expert academic community, we can secure the rapid international action we need for the safe and responsible development of AI around the world.”

Technology Secretary Michelle Donelan said:

“International collaboration is the cornerstone of our approach to AI regulation, and we want the summit to result in leading nations and experts agreeing on a shared approach to its safe use.

“The UK is consistently recognised as a world leader in AI and we are well placed to lead these discussions. The location of Bletchley Park as the backdrop will reaffirm our historic leadership in overseeing the development of new technologies.

“AI is already improving lives from new innovations in healthcare to supporting efforts to tackle climate change, and November’s summit will make sure we can all realise the technology’s huge benefits safely and securely for decades to come.”

The summit will also build on ongoing work at international forums including the OECD, Global Partnership on AI, Council of Europe, and the UN and standards-development organisations, as well as the recently agreed G7 Hiroshima AI Process.

The UK boasts strong credentials as a world leader in AI. The technology employs over 50,000 people, directly supports one of the Prime Minister’s five priorities by contributing £3.7 billion to the economy, and is the birthplace of leading AI companies such as Google DeepMind. It has also invested more on AI safety research than any other nation, backing the creation of the Foundation Model Taskforce with an initial £100 million.

Foreign Secretary James Cleverly said:

“No country will be untouched by AI, and no country alone will solve the challenges posed by this technology. In our interconnected world, we must have an international approach.

“The origins of modern AI can be traced back to Bletchley Park. Now, it will also be home to the global effort to shape the responsible use of AI.”

Bletchley Park’s role in hosting the summit reflects the UK’s proud tradition of being at the frontier of new technology advancements. Since Alan Turing’s celebrated work some eight decades ago, computing and computer science have become fundamental pillars of life both in the UK and across the globe.

Iain Standen, CEO of the Bletchley Park Trust, said:

“Bletchley Park Trust is immensely privileged to have been chosen as the venue for the first major international summit on AI safety this November, and we look forward to welcoming the world to our historic site.

“It is fitting that the very spot where leading minds harnessed emerging technologies to influence the successful outcome of World War Two will, once again, be the crucible for international co-ordinated action.

“We are incredibly excited to be providing the stage for discussions on global safety standards, which will help everyone manage and monitor the risks of artificial intelligence”.

The roots of AI can be traced back to the leading minds who worked at Bletchley during the Second World War, with codebreakers Jack Good and Donald Michie among those who went on to write extensive works on the technology. In November, it will once again take centre stage as the international community comes together to agree on important guardrails which ensure the opportunities of AI can be realised, and its risks safely managed.

The announcement follows the UK Government allocating £13 million to revolutionise healthcare research through AI, unveiled last week. The funding supports a raft of new projects including transformations to brain tumour surgeries, new approaches to treating chronic nerve pain, and a system to predict a patient’s risk of developing future health problems based on existing conditions.

To be able to host this event of global importance, Bletchley Park will be closed to the public from Saturday 28 October to Friday 3 November 2023 inclusive.

Local residents who will be affected by the AI Safety Summit taking place at Bletchley Park in early November will be contacted directly by Thames Valley Police with further information.

Milton Keynes City Council will be working closely with Thames Valley Police on the details of the impact of the event for Bletchley and the wider MK area, and will be issuing further details regarding road closures from 21 September 2023.

All those whose pre-booked visit falls within the period of closure will be contacted. If your booking was through a partner organisation and not directly with Bletchley Park, please contact them for information. For all other enquiries relating to visits please contact our Bookings team at [email protected]

For any media enquiries about the planned event please contact Rebecca Foy, Bletchley Park’s Director of Public Engagement, at [email protected]

Read more here.

Time

november 1 (Wednesday) - 2 (Thursday)

Location

The Mansion, Bletchley Park,

Sherwood Drive, Bletchley, Milton Keynes, MK3 6EB

Calendar GoogleCal

01novAll Day02Manchester Tech Festival

06nov(nov 6)9:00 AM07(nov 7)3:30 PMClimate Tech Summit 2023

08nov6:00 PM7:30 PMLessons from Leading Women Tech Entrepreneurs - WiTT