Why education is key to tackling the cyber skills gap

Computing science taught in schools today must be broadened, and must start being taught much sooner, if we have any chance of closing the cyber skills gap, says former teacher and AtkinsRéalis' cyber security consultant, Kate Blackie.

When I look at today's A-level computing science curriculum – from a position of having had 15 years' experience of teaching the subject – in my view it's putting off a swathe of young people who might be considering a future in a broader digital or cyber security career – and at some cost to UK plc.

Why? Because today's teaching of computer science places far too much emphasis on the technical aspects of the subject, at the expense of giving time and space to encourage students to develop other digital and cyber skills; skills we urgently need to meet the enormous challenges of the next century.

Are we missing a trick?

We're missing a trick. If a wider, more diverse group of young people can be convinced that a digital career is right for them, and cyber skills are incorporated into the curriculum from the primary school age, just imagine the potential. We could be laying the foundations for a workforce that is supremely cyber-aware, and one that would benefit the whole of society.

In 2015 the Government removed GCSE and A-level Information and Communications Technology (ICT) qualifications in favour of more technical computer science qualifications. This was partially in response to pressure from the rapidly growing gaming industry. This had, and continues to have, serious implications on the diversity of students now pursuing IT qualifications. With its focus on coding skills, computer science has also had a negative impact on the digital skills with which pupils graduate from school. This is backed by research-based evidence. A computing education report in 2018 highlighted that the number of hours of computing or IT taught in secondary schools dropped by 35.8% during the transition from ICT to computer science. A 2023 article by Computer Weekly highlighted that 15% of girls chose to take A-level Computer Science. Compare this to 2016, where 42% of entries for ICT were from female candidates.

We need cyber savvy school-leavers

This doesn't bode well for a society that's becoming more and more reliant on digital technology and facing more cyber threats than ever before. We simply cannot allow our young people to leave education without good digital skills and being cyber savvy.

Despite the move to teaching computer science in schools, and a generally more digitally literate society, research from IPSOS in 2022 suggests that while 59% of the UK labour force is not reaching its full digital potential – some 82% of jobs require digital skills.

Young people have grown up surrounded by technology. They have no fears about it and are often imaginative and innovative in using it. However, because young people are already proficient with digital tools, we have assumed that they're also aware of the risks associated with using new technologies.

Introducing computing concepts and principles to primary school pupils will undoubtedly encourage greater digital awareness. While the emphasis on the more scientific aspects of computer science has resulted in a fantastic pool of young people gaining excellent technical skills, it has also stopped young people from more diverse backgrounds entering the industry.

Diversity in thought required

These are precisely the people we need to get on board. The diversity in thought that different genders, backgrounds, cultures, and neurodiversity can bring to the industry is so important. Cyber security needs diversity of thought – how can we outwit the bad guys if we can't begin to out-think them?

Despite our perceived grasp of society's digital literacy, the IPSOS survey found that 40% of UK citizens did not have the skills to protect themselves online. Also, 20% of people were unable to update software to prevent viruses and other threats. These are worrying statistics.

While there may be some wonderful resources available to help young people develop cyber skills – most of them only focus on the technical aspects of cyber security, hacking, penetration testing, digital forensics and so on.

National Cyber Security Centre

England: Computer Science GCSE, AS, and A Levels | BCS 

Disconnected-Report.pdf

What's needed are resources that focus on the less technical aspects of cyber security, such as understanding cyber risk, training, and raising awareness, or building policies and procedures, to encourage a wider group of people to consider cyber as a career.

Getting it right from the beginning

By adding cyber skills into the computer science curriculum from primary school onwards, we'll be instilling digital skills and good cyber awareness, such as protecting data and privacy, right from the beginning. This will naturally lead to the design and creation of more secure and robust systems.

This would not only reduce the risk to our children, but it would also encourage underrepresented groups to enter the field because, from a young age, all students will have the subject open to them – just like English or Maths. In the same way as acquiring good numeracy and literacy skills, good cyber skills will have a huge knock-on effect on the wider education of young people and their ability to get on in life.

Imagine how embedding cyber awareness this early on could create a super cyber-aware workforce, that can develop and engineer systems with cyber security at their heart. It could have the potential to massively strengthen how we protect our data, and each other, in an increasingly digital and risky world. It would be the ultimate application of Secure by Design.

Learn more about starting a rewarding STEM career inside AtkinsRéalis.