Nato is declaring the skills of ethical hackers as a necessity and an important weapon against the anti-black hat war.
Jamie Shea, Nato’s deputy assistant secretary general released a statement in a video reviewing the exploration on the ethical hacker community.
“In order to have a defence you need to have a much wider group of people with a much broader set of skills working for you than as in the old days when we were talking about the man from the ministry with a set identity. That’s not the case anymore.” He said.
Nato’s spokeman added also in a video statement
“The community is currently an under-tapped source that could help temporarily plug the global cyber skills gap. Traditionally, ethical hackers, known as white hats, have disclosed security bugs for free and many continue to do so just for the prestige. But with industry and governments around the world looking to beef up their cyber defences, ethical hackers can now have the pick of jobs in a booming industry. The companies and governments must work to create an ethical disclosure culture making financially – as well as legally – advantageous for bug hunters to responsibly report vulnerabilities.”
“The risk associated with a security exploit being sold to the highest bidder, of course, is that the average user doesn’t necessarily get protected. Instead, details of the flaw may never be exposed to the software vendor, giving others an opportunity to abuse it for their own financial or intelligence gain,” he wrote. “Clearly that is something the Nato video is concerned about, and it takes pains to interview hackers who believe in responsible disclosure of bugs to vendors, giving the manufacturer time to fix the problem before details of the bug are made public. With the stakes rising all the time, it’s no wonder that more people are wondering whether a career in IT security might be a good choice for them – either as a defender, or as a bug hunter.”
Despite Nato’s repeated warnings, governments around the world are still failing to train the upcoming generation of cyber security experts. The UKNAO (UK National Audit Office) released a report stating that the current skills gap would set us back 20 years and cost UK 27bn a year.
Regardless the Nato spokesperson pointed out the positive of the UK Cyber Strategy program while referencing the enormous gap,
“There is a shortage of skilled IT security professionals around the world. The UK has recently launched a training and education initiative in schools and universities to address the skills gap.”
For a refresher, in 2011 UK Cyber Strategy was declared by the UK government. Its a promise to invest £650 for training the next gen security experts. it focused heavily on education, setting up high education centerse and internship schemes for young adults looking to enter this industry.
In May, the UK government promised to invest £7.5m to establish a new cyber security research centers at Oxford University and Royal Holloway University London.