PwC: Time to invest in cyber skills

By Janet Brice
Why your cyber defences need the human touch to optimise software investments and stop attackers, says PwC...

Cyber skills should be offered to employees in a bid to optimise an organisation’s cyber software if they are to stay ahead of attackers, say consultants PwC.

“Cyber security needs to strike a balance between technology, process and people,” says Daisy McCartney, PwC’s cybersecurity culture and behaviour lead. 

“Often, we see clients buying new technology, but their people don't have the skills they need to get the best out of it,” says McCartney in the new report, Thinking beyond the firewall: cyber skills for the future.

Cyber security is about more than installing firewalls, is the message from PwC in the report. “It’s about helping your cyber team develop the skills they need to stay ahead of the attackers, while ensuring that everyone in your workforce - no matter what they do - has the secure behaviours, attitudes and beliefs they need to keep your organisation safe.”

A survey into cyber security strategy for 2021 revealed 42% of UK organisations plan to increase their cyber headcount in the next year. Security intelligence (46%) and the ability to work with cloud solutions (40%) were cited as the most important skills for new employees. This was followed by communication (38%), project management (38%) and analytical skills (37%). 

“This reflects the evolution of the industry, with cyber teams now required to work collaboratively with the rest of the business to develop a strategic, analytical approach to cyber security,” says the report.

How to hire the right talent

According to PwC there are lots of cyber security skills frameworks available, with some referencing over 600 different skills – so where do you start?

“There’s a lot out there, and it’s already too complex,” says McCartney. “We broke it down for the typical organisation, setting out the specific knowledge and skills that most cyber security teams will need.”

PwC advises that organisations should initially assess their aspirations for their cyber strategy and then carry out a skills maturity assessment to look at the capabilities that already exists in the workforce. But cyber threats are dynamic and attackers develop new techniques all the time, so skills can quickly become outdated. 

“Organisations need to keep up - and that's hard,” says McCartney. “They need to build and continually develop a cyber workforce that can keep pace with the evolving threat landscape and the attackers they face.”

Create a secure culture

Organisations need to take a holistic view – considering technology, processes and people - when it comes to cyber security, says PwC who warn against just rolling out an e-learn and expect results.

“There’s a common misconception that cyber attacks are successful because of human error. In reality, attackers consider the whole ecosystem; the human aspect is just one vulnerability they look to exploit,” points out the report.

As PwC cyber workforce specialist Holly Rostill neatly puts it: “An attacker is a human, so your defences need to be, too.”

Read more

To read more about security culture click here

For more information on business topics in Europe, Middle East and Africa please take a look at the latest edition of Business Chief EMEA.

Follow Business Chief on LinkedIn and Twitter. 


Featured Articles

Middle East GDP hike of 57% if more women join workforce

By tapping into the potential of next-generation female workers, the MENA region could unlock new economic opportunities, up to US$2 trillion, reports PwC

Dialight supplies LED solutions for industrial safety

Reliance on inefficient lighting technologies are not only harmful to the environment, but also increase injury risk and cost

Top 10: Tech, AI, cloud, cyber speakers at TECH LIVE LONDON

TECH LIVE LONDON events sees technology leaders from IBM, Oracle, Vodafone, JP Morgan, Accenture and the US Space Force among the inspirational speakers

Cyber LIVE adds Vodafone head of cyber Kawalec to line-up

Leadership & Strategy

Musk’s multibillion hostile Twitter takeover – the timeline

Leadership & Strategy

Sustainable moves businesses can make to win customers, IBM