BT warns UK is losing cyber arms race due to lack of interest in IT

UK industry will lose the cyber arms race with hackers if it does not work to address young people's lack of interest in information security, according to BT cyber director, Bob Nowill (pictured left).
Nowill said despite yielding a number of positive results the UK cyber strategy is yet to fully plug the cyber skills gap, during an frank discussion with V3.
"I think it's a bit of an arms race if I'm honest. Yes, we've been making some good inroads into ethical hacking and penetration testing but, the truth is all of this stuff is getting more and more complex and there are more attacks coming, we can see that just through our own cyber defence operations at BT,” he said.
“Therefore, there is a continued need and demand for new and better people to help with this problem."
The BT cyber director said this is troubling as the company has seen growing sophistication and tenacity within a number of hostile groups.
"In terms of the threat actors you can see state actors, criminals, activists and hacktivists. They're all at it, they always have been but the volume has gone up. Some of that could be because we generally are taking more care to look, but overall the numbers have gone up," he said.

"I think there's also been a balance change. If we were having this conversation 10 years ago we'd be talking about the lone student in a bedroom doing terrible damage. That stereotype may have been true once, but it's certainly less so now. Obviously there's been the rise of the hacktivist, where we've seen a growing sophistication within some groups."
Nowill's said this means businesses can no longer afford to ignore cyber security. "If you've got badly configured firewalls, or if you've got out-of-date or non-existent denial-of-service (DoS) defences, or you don't have a managed security service provider and are just trying to DIY it, you are more likely to fall victim to something than you were in the past," he said.
To fix the problem, Nowill said everyone from security providers to schools need to take a more proactive, exciting approach to educate board members and children about information security.
"Storytelling is the best way of getting it across. Not everyone likes reams of graphs, stats and figures showing how awful everything is. People, as do the boards of companies, like stories. They like real stories about things that have happened, what the consequences were, with pictures and videos that bring it all to life."
He highlighted hands-on dynamic tuition programs, such as Cyber Security Challenge UK, as a key example of how schools and businesses can make information security education more exciting.
"Another good thing is to give them hands-on experience, with things like the Cyber Security Challenge masterclasses. Get them doing a real exercise that's authentic and based on something that's happened in the real world, something they can really get stuck in with and make great progress," he said.
BT has been an avid supporter of the UK Cyber Security Challenge since it began. The telecoms company is currently partnering with the GCHQ and National Crime Agency (NCA) to design the 2013 challenge's final.
The UK Cyber Strategy launched in 2011, when the government pledged to invest £650m to help bolster the nation's cyber defences. Education has been a key part of the strategy and to date the government has launched several schemes and initiatives to help plug the ongoing skills gap.
These have included the the GCHQ's Can You Find It challenge and the opening of two new higher education centres designed to train the next generation of security experts at Oxford University and Royal Holloway, University of London.