Cyber Security in the Public Sector: How to Develop Skills and Training

Piers Kelly
June 28, 2021

As the issue of cyber security in the public continues to gain prominence, local councils and national bodies will always look to upskill their workforces with digital learning and training. The key question is, what kind of cyber security training should you pursue and where can you find it?

This blog covers the need for cyber skills training, how to develop a cyber training strategy and where you can find the right training.

Why Invest in Cyber Skills?

In the UK, there's a skills gap when it comes to employees with cyber skills. In the 2020 report, Cybersecurity skills in the UK labour market 2020, it was found that ‘High proportions of UK businesses lack staff with the technical, incident response and governance skills needed to manage their cybersecurity.’

The problem is fairly widespread among the private and public sector:

Approximately 653,000 businesses (48%) have a basic skills gap. That is, the people in charge of cybersecurity in those businesses lack the confidence to carry out the kinds of basic tasks laid out in the government-endorsed Cyber Essentials scheme and are not getting support from external cybersecurity providers. The most common of these skills gaps are in setting up configured firewalls, storing or transferring personal data, and detecting and removing malware.

Additionally, public sector organisations can suffer from smaller numbers of employees who have IT/cyber capabilities. In fact, 25% of public sector organisations have just one person working with IT functions such as cybersecurity.

Even if an organisation can bring in cyber-trained individuals, this doesn’t contribute to the overall amount of cyber-capable workers in the public sector. It just means they’ve transferred from one organisation to another. 

To address the cyber skills gap, the public sector must work to increase the budget for cyber, IT functions and training, alongside nurturing new talent within their ranks.

How to Develop a Cyber Training Strategy

Whether it’s utilising cyber skills to shore up cybersecurity or to utilise a new type of technology to deliver better, more integrated services to local communities, every public sector organisation should consider cyber training.

Gaining Buy-In

Any training strategy needs buy-in. A workforce needs to know the importance of cyber skills, alongside the seriousness of poor cybersecurity practices. It can often be the case that employees either won't be interested or fail to grasp the magnitude of the need for cyber training in our increasingly digital-focused world.

This won’t happen with one email or meeting to go over why training is being offered - gaining buy-in is a strategy in itself. Negotiate and communicate why cyber skills are important and why upskilling public sector professionals helps to deliver better services for target demographics.

But remain open - don’t force anyone to attend. In fact, deliberate on when and how training should be administered so it doesn’t feel like something that takes time away from core responsibilities. Cyber training isn’t a chore, so don’t present it as one.

Emphasise Proper Cyber Safety Practices

A huge consideration for almost all businesses and organisations today is how to remain secure when using technology and the internet. Countless platforms utilised for various business needs use data and are also integrated for web use, making them both attractive to cybercriminals and vulnerable to attacks.

The final part of an effective cyber training strategy is to choose training courses or events to attend. 

Training and Events Available

The following are incredibly useful training events public sector organisations and individuals can make use of. 

NCSC Certified Training

The NSCS Certified Training scheme helps organisations meet the benchmark for cybersecurity training. Taught at both awareness and application levels, this scheme gives newcomers and experienced parties a thorough foundation in cybersecurity alongside opportunities for professional development.

With all organisations needing to upskill their workforces in proper cybersecurity knowledge and best practices, the NCSC Certified Training scheme is the option of choice. 

Explore NCSC Certified Training here.

Developing Cyber Resilience

For businesses looking to build awareness and strengthen their defences against the potential of cybercrime, the Developing Cyber Resilience event will provide insights on security trends, how to define secure IT environments and how to assess any current gaps.

Additionally, attending learners will see how they can apply their knowledge to develop the framework for a more effective cybersecurity strategy, leaving with a clear plan of action for improving cybersecurity and safety. 

The information given is intended to be pragmatic and affordable for public sector organisations. Find out more about the Developing Cyber Resilience course here.

DigiGov Expo 2024

In May 2024, you can attend one of the most innovative events for public sector IT and cyber security leaders and professionals. 

This event brings together cybersecurity, data protection, technology and business leaders across the public sector and highly regulated industries. The DigiGov Expo is the central platform for building infrastructure resilience and securing the UK’s cyber capabilities to fight domestic and international threats.

The dedicated Cyber Security theatre will play host to expert speakers from across cyber security in the UK. Hear about the future of prevention, risks and upskilling yourself and your colleagues.

Explore more or register for the DigiGov Expo here or by clicking on the banner below

DigiGov Expo Banner