After attending the National Cyber Security Show 2024 at the NEC last week, some thoughts.
So last Thursday we attended the National Cyber Security Show at the NEC.
To quote the show " In a digital age where one small business in the UK falls victim to cyberattacks every 19 seconds (source: Hiscox), safeguarding your business against cyber threats has never been more critical. The National Cyber Security Show is your gateway to a deeper understanding of the current and impending cyber threats. "
As OCM provide cybersecurity solutions the reasons for our visit are obvious.
So whats the connection to Dads Army ? Managed Service Providers are the modern day "Home Guard" protecting enterprises across the UK from cyber attacks.
The role of the MSP in defending businesses is being recognised by goverments across the world including the UK :-
The UK's National Cyber Security Centre (NCSC):Â The NCSC's guidance for small businesses (https://www.ncsc.gov.uk/) advises businesses to consider partnering with a cybersecurity-focused MSP.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA):Â CISA emphasises the role of MSPs in national cybersecurity preparedness. Their "Improving Cybersecurity for Small Businesses" resource (https://www.cisa.gov/cyber-guidance-small-businesses) highlights the importance of partnering with an MSP for security solutions and expertise.
The Australian Cyber Security Centre (ACSC):Â The ACSC's "Essential Eight" strategies for mitigating cyber threats (https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight) emphasises the role of managed service providers in implementing essential security controls.
The EU has actioned into member state law the cyber security standard NIS2 and made it a legal requirement for essential entities such as critical infrastructure providers but also businesses in additional sectors such as manufacturing and digital providers. MSP's throughout the EU that are handling the implementation.
The Home Guard were not professional soldiers but what counts as professionalism within the cyber security industry?
Which brings us back to the National Cyber Security Show and an excellent presentation by Debi McCormack of The Cyber Scheme entitled " Let's talk about professionalism - it's a good news story "
heres the slide deck :-
Our industry is mainly unregulated. This creates issues that affect us all. To be a cyber security professional means different things to different parties :-
Academic qualifications such as cyber security degrees failing graduates as a path to entering the profession because employers are not interested.
Industry recognised qualifications, which cost thousands ££, and often undertaken and funded by private individuals trying to enter into cyber security. And again the industry is agnostic, at best, to qualified but unproven candidates.
The single biggest employment sector in the uk is the SME sector. 5.6 million businesses employing 16.7 million people and we would argue that almost none of this sector would know how to recognise a true cyber security professional and engage them to protect their business. They will only hear from the providers with the biggest advertising budgets.
The good news is that regulation that can be trusted is coming.
The UK Cyber Security Council is moving the profession to a chartered industry which aims to be as recognisable as chartered accountants , surveyors , lawyers and the medical professions.
The UK Cyber Security Council has been established to support this journey, funded by DSIT and given the task of managing standards by NCSC and GCHQ. Their ability to issue professional recognition at Associate, Principal and Chartered Levels will enable :-
Future cyber security professionals to have a career path from education through employment to a recognised professional status that is trusted by organisations and industry across the UK.
The cyber security industry to gain professional status that businesses and organisations will recognise as trusted advisors.
Dad's Army certainly were not professional, don't let your cyber security advisors be the same!
The UK Home Guard were ordinary civilians who stepped up in extraordinary circumstances. Their dedication, albeit in a less glamorous role, was a key component of Britain's defensive posture.  While their legacy may not be as prominently celebrated as other branches of the military,  historians and those who lived through the war recognise their valuable contribution.
Much like the Home Guard stood as a vigilant force protecting Britain's shores, today's MSPs serve as the cybersecurity guardians for businesses of all sizes. We are the first line of defence against ever-evolving cyber threats, working tirelessly behind the scenes to secure data, networks, and systems. Like those local heroes of the past, MSPs combine deep technical knowledge with adaptability, ensuring that businesses are resilient in the face of potential attacks. Our unwavering dedication often goes unheralded, but our success lies in the attacks prevented and the peace of mind we provide.
OCM will certainly look to embrace the chartered route provided by the UK Cyber Security Council.
Why It Matters to your business :-
Trust & Credibility:Â The Council fosters trust in the cybersecurity profession by establishing clear standards and recognising those who uphold them.
Industry Growth: It contributes to a stronger, more skilled cybersecurity workforce, essential for safeguarding the UK's economy.
Improved Standards: The Council raises the bar, encouraging cybersecurity professionals to engage in continuous development, ultimately improving the quality of services offered.
Look out for our progress.