With cybercrime on the rise, it's vital that the UK develops the skills and knowledge to counter this threat - and GCHQ's degree certification scheme helps students choose the right course to launch their career…
From communicating via email and instant messaging to travel, banking and shopping, nearly every aspect of our personal lives revolves around the cyber world.
Add to this the ever-growing 'internet of things', critical infrastructure such as power and water, and the challenges of delivering government services online, and it's clear that society is critically dependent on the internet. The UK's security and prosperity rests on digital foundations, but as with any high-value system, there are those who seek to exploit weaknesses and launch attacks.
The growth of cybercrime
Cybercrime increased by 20% between 2014 and 2016, according to the Office for National Statistics (ONS). It's perhaps not surprising that cyber criminals are such a threat. In July 2016 alone Britons spent an estimated £10.7billion shopping online, and one eighth of the UK's gross domestic product (GDP) comes from the digital economy.
The UK cyber security industry is worth more than £22billion per year to the UK economy, growing at around 10% per year and employing more than 100,000 professionals, while cyber security exports in 2015 were £1.84billion, up one quarter from 2014.
The UK is the sixth largest exporter, and has the highest percentage of individual internet usage, of any G7 economy. We're among the world leaders in digital government, and our social security payments will soon be delivered through a single system, Universal Credit. When it's fully operational, 90% of claims will be processed online, so this one system will pay out 7% of our GDP.
Much is already being done to combat these threats. HMRC has recently prevented eight million phishing emails from reaching its customers thanks to a new email filter called DMARC, and the National Cyber Security Centre (NCSC) is helping the rest of government do the same.
In the last 12 months, HMRC has worked with internet service providers to remove more than 13,600 fraudulent websites that were aiming to harvest personal and financial information. Owing to early detection and intervention, only 71 of the 80,000 security alerts generated each month by the Department for Work and Pensions' (DWP) Cyber Resilience Centre have been categorised as incidents requiring deeper investigation.
Combating the threat
The challenge we now face is to shape a digital society that is resilient to cyber threats and builds on the good work already being done, using people who have the knowledge and skills necessary to keep the UK at the forefront of the digital economy. As part of this, the government is investing £1.9billion in transformative cyber security initiatives over the next five years (2016 to 2021). The key cyber security objectives for this investment are to:
- defend the UK against evolving cyber threats
- deter hostile action against the UK
- develop the cyber security industry and create a self-sustaining pipeline of talent into the UK.
To help achieve these aims, a key part of the new strategy has seen the creation of the NCSC, headquartered in London but with its roots in GCHQ's world-class expertise in Cheltenham.
The NCSC is the UK's authority on cyber security and is part of GCHQ, bringing together the capabilities already developed by CESG - the information security arm of GCHQ - the Centre for the Protection of National Infrastructure, CERT-UK and the Centre for Cyber Assessment.
The NCSC's vision is to help make the UK the safest place to live and do business online, and it will support the most critical organisations in the UK across government and the private sector.
It will work very closely with law enforcement agencies and the intelligence community to help prevent, disrupt and investigate cybercrime and other cyber-related threats.
Cyber security degrees
A key objective of the NCSC is to nurture and grow the UK's cyber security capability, and part of this is achieved through GCHQ's certified degrees scheme, which aims to set the standard for good cyber security education in the UK. Career options for graduates in cyber security are wide-ranging, and may include the following:
- cyber and digital forensics
- development and code analysis
- incident response
- intelligence operations
- law, legalities and compliance
- network security
- penetration testing
- policy and strategy
- research and new developments
- secure software
- security architecture
- security auditing
- vulnerability assessment.
More information about these roles and the skills you'll need for them can be found at Cyber Security Challenge UK.
Currently there are nearly a hundred university degrees in the UK with 'cyber security' or similar in the title (at a mix of undergraduate and postgraduate level), and it can be difficult to navigate this range of courses, each with differing specialities. To help with this, GCHQ has developed a degree certification programme in collaboration with academic colleagues, consulting with stakeholders in academia, industry and government. The scheme offers certification for undergraduate (Bachelors and integrated Masters) and postgraduate Masters degrees.
GCHQ certification can help students choose a cyber security degree that has been assessed by an independent expert panel as providing well-defined and appropriate content, delivered to a high standard in excellent facilities by knowledgeable and skilled staff. Students who choose these courses can be assured of receiving an education that is relevant to the UK's current and future needs, which will provide them with a firm foundation for their future careers.
So far 20 degrees at 15 different universities across the UK have achieved certification, and another round of certifications will take place in April 2017. For more details of the scheme and the currently certified degrees, visit GCHQ certified degrees.