The UK government has announced a £500,000 fund to help train up higher education students in advanced cybersecurity, as its Cyber Essentials certification scheme logged its 1000th member.
The fund will be administered by the Higher Education Academy – which will hand out up to £80,000 for academic institutions which agree to match the amount. The aim is to provide students with the kind of high quality, real-world teaching the industry needs to reduce skills shortages.
Digital economy minister, Ed Vaizey, made the announcement at the Financial Times Cyber Security Europe Summit today as Intel Security became the 1000th business to sign up to the Cyber Essentials scheme.
“Good cybersecurity underpins the entire digital economy – we need it to keep our businesses, citizens and public services safe. The UK is a world leader in the use of digital technologies but we also need to be a world leader in cybersecurity,” Vaizey said in a statement.
“Trust and confidence in UK online security is crucial for consumers, businesses and investors. We want to make the UK the safest place in the world to do business online and Cyber Essentials is a great and simple way firms can protect themselves.”
Cyber Essentials is a key pillar of the government’s National Cyber Security Strategy, designed to improve the level of security among UK organizations by ensuring they implement a set of fundamental security controls.
IT managers can also use the scheme to differentiate when choosing IT suppliers.
Ian Glover, president of accrediting body CREST, welcomed Vaizey’s comments.
“Working collaboratively, the government and industry have established a minimum set of security controls that should be in place for all organizations; large and small,” he told Infosecurity.
“This collaboration is really important because this is not the government saying what is best for your organization, it is the industry trying to establish good practice and then sharing it with everyone else.”
However, Cyber Essentials is not a silver bullet, and must instead be seen as “the start of the journey,” Glover explained.
“For those organizations that hold sensitive personal information or corporate information central to the business it is very likely that they need to do more to counter a concerted attack,” he added.
“If an organization is part of the supply chain they must also understand their obligations and not become the weakest link in the chain and therefore the most logical to attack.”