The National Cyber Security Centre (NCSC) has seen a 60% rise in girls applying for CyberFirst summer schools. The rise in applications comes after the NCSC decided to move all training online this summer. Doing so allowed it to provide an additional 670 places on the courses. Overall, 1,770 people aged 14 to 17 took part in this summer’s courses, setting a new record for CyberFirst.
In 2018, the NCSC launched the CyberFirst Girls Competition to run alongside CyberFirst. Initially open to just 12 to 13-year-old girls, the competition and training have proven a success. Registration for the 2020/21 competition opens on November 30.
Course participant Lydia, from Northern Ireland, said: “I’ve honestly loved my experience with CyberFirst. I can’t wait to be able to apply my knowledge in the industry. Although this year was a little different from the last two courses, I still loved it and I would definitely encourage people to attend these courses”.
Lisa Forte, Partner Red Goat Cyber Security and co-founder of Cyber Volunteers 19 said: “Seeing a 60% rise in applications from girls is incredible. We have to remember that this is the start of increasing diversity in cyber security and tech in general.
“To have so much success in a year where events have to be held online is very encouraging. I would love to see more diversity across the board in this rewarding sector. It is essential for innovation, defensive and offensive cyber that we cultivate the next generation.”
What is CyberFirst?
CyberFirst is a programme of courses and training to help 11 to 17 year-olds get into cyber security. It provides a path to enable students to get a place on a CyberFirst course run by UK universities and colleges.
There are three levels of training:
CyberFirst Defenders (for those aged 14–15)
CyberFirst Futures (15–16)
CyberFirst Advanced (16–17)
NCSC also provides a bursary of up to £4,000 per year for undergraduates and paid cyber security training during holidays. Additionally, there is also a CyberFirst Degree Apprenticeship. It is a level six apprenticeship where undergraduates work at GCHQ. They are paid to learn and ensures that they finish their apprenticeship with a degree and verified work experience. It makes them sought after among employers.
CyberFirst is not the only programme being run by NCSC for students. There is Cyber Discovery which targets 13 to 18 year-olds. The closing date for the next set of training closes on October 21.
Students are also able to take part in Empower Digital Cyber Week, which takes place this year from November 9-13. It allows then to take join and watch online sessions from cyber security experts.
Is the NCSC the only body supporting students in cyber security?
No. Long before the NCSC and other UK Government bodies got involved in cyber security training, the Cyber Security Challenge UK was set up. Founded in 2014, it ran its first Cyber Centurion competition in 2015. It set diversity as one of its prime goals. In addition, to support schools and youth groups with cyber security competitions, it also provided a way for people to demonstrate their cyber security skills to change careers. The 2016 finals had an age span of 17-56 years.
In 2017, it supported a Neuro-Diversity day at the Defence Academy of the United Kingdom. Importantly, it widened the discussion about diversity in cyber security to support people with autism and what skills they brought to cyber security. Since then, it has provided teams to take part in the European Cyber Security Challenge run by ENISA.
Another organisation that is working to increase diversity in cyber security is Bletchley Park Qufaro. In 2018, it launched its own apprenticeship scheme, the Cyber Extended Project Qualification (CyberEPQ). It is currently enrolling for the next set of courses and is open to everyone aged 14 and over.
Enterprise Times: What does this mean?
Widening the pool of talent for cyber security is critical. For years there was a blinkered approach to only those with university degrees being suitable for roles in cyber security. That has been changing, albeit slowly. There has been an increased focus on the role of veterans in cyber security as the UK Armed Forces increases its focus on cyber security.
There is also a growing acceptance that we are losing a lot of potential skills and damaging our ability to defend against attacks by having too narrow a focus on those who are employed. The NCSC is following the lead of others and targeting girls at school to increase the cyber security base. This is important and is one of its goals.
In July, it published the Decrypting Diversity report with KPMG. It sets out the need to improve diversity and inclusion in the cyber security industry. These results show that CyberFirst is already having a significant impact on getting girls into cyber security.
The next step is to show how well it is doing in breaking down other barriers to inclusion such as race, culture, socio-economics, education and neuro-diversity. What is needed next is for the NCSC to publish a wider breakdown of its numbers to show how well it is doing outside of challenging gender issues.
For now, however, it is proper to applaud it for achieving such a huge increase in girls applying for CyberFirst.