London, UK – 84% of surveyed UK students have never considered a career in cyber security, compared to 50% of surveyed students in Saudi Arabia and 46% in the UAE, according to the latest research from global IT security training company SANS Institute. This places Britain behind the leaders when it comes to EMEA students’ appetite and preparedness for studying cyber security – the lack of which has been identified by the World Economic Forum as ‘one of the top risks to stability in the world.’
We’re currently on the brink of a cyber security crisis. By 2020, there will be approximately 24 billion internet-connected devices installed across the world. However, reports show that in the next year or two, unfilled cyber security job openings globally will run into several millions, meaning we’re severely short of professionals to secure all those devices and systems we’re putting online.
Given the enthusiasm and aptitude of the iGeneration* for digital technologies, the answer to our cyber crisis could lie in enthusing and educating younger generations about cyber security now, to arm our future workforce. Towards the end of 2018, SANS commissioned research agency Vanson Bourne* to explore awareness of and opinions on cyber security among 4000 students in seven countries across Europe and the Middle East (the UK, France, Germany, the Netherlands, Belgium, the UAE and Saudi Arabia). The SANS EMEA Survey: the iGen and Cyber Security report outlines the findings. While the majority of students across EMEA had heard of cyber security (81%), the results show that those countries with higher awareness of the subject could potentially have a competitive advantage when it comes to building out talent in the longer term.
Key findings from the research include:
- Germany leads the pack in cyber awareness: 92% of students from Germany said they had heard of cyber security, followed by the UAE (85%) and the UK (82%). Belgium came bottom (76%). Given the prolific nature of cyber security and the media attention it attracts today, it’s perhaps surprising that no country achieved 100% awareness.
- UK teachers share their cyber knowledge: 60% of UK students that have heard of cyber security said they heard about it from teachers, considerably higher than in Belgium, Netherlands and Saudi Arabia, which trailed at 35%, 35% and 38% respectively. This may be due to differences in how cyber security is covered in various curricula. Parents in Germany came out as a top source (58%) as did online resources there (61%), significantly higher than any of the countries surveyed.
- There’s more to IT than cyber: 32% of surveyed students across EMEA are considering IT as one of their top five career choices. In fact, it was more likely to be ranked in the top five than more traditional careers such as doctor/nurse (21%), teacher (19%) or working in finance (16%). On a local level, students from Saudi Arabia (47%), the UAE (46%) and Germany (33%) are more likely to consider IT in their top five careers. Of those interested in a career in IT, creating apps/software was the most likely (61%) area of IT to be chosen, followed by IT system design (52%), and cyber security (49%).
- Cyber as a feasible career path: Generally, awareness of careers in cyber security is low; just 11% of EMEA students (9% in the UK) said they were ‘very aware’ of roles in the sector. 65% of EMEA students would be more interested in cyber security as a job if they knew more about the topic generally. In the UAE and Saudi Arabia, where cyber awareness is high, 61% and 59% respectively were ‘very’ or ‘somewhat aware’ of career opportunities in cyber security. The UK ranked fifth out of the seven countries for careers awareness.
- Thirst for knowledge: Whether or not students are aware of the career options available, a whopping 81% of students across EMEA said they would be interested in learning more on the subject, as part of their school day, an extra-curricular activity, or both. Again, UK students ranked fifth out of the seven countries surveyed, with just 75% of students keen to explore cyber, compared to 93% in Saudi Arabia, 91% in the UAE and 90% in Germany.
- Personal device access: Of those students who rate the devices they own or have access to as very or somewhat secure, there is still a heavy reliance on anti-virus to secure devices (68% of students) followed by students saying they only download trusted apps (56%). Only 27% of EMEA students say they feel able to spot suspicious activity on their device.
“With pressure on organisations to find skilled cyber security professionals and the uncertainty of Brexit exacerbating the issue, it’s now more important than ever for the UK to develop home-grown cyber talent, rather than relying on other nations to provide that expertise,” commented James Lyne, Head of Research and Development, SANS Institute.
“The outlook is more positive however, as there is now wider industry acknowledgement of the importance of engaging the younger generation in cyber security, to help plug the skills gap. Programmes such as Cyber Discovery, being delivered by SANS for the UK Government as part of its Cyber First initiative, are beginning to help address this lack of engagement. SANS encourages the development and roll-out of such programmes, so that Britain can effectively arm the workforce of tomorrow with the tools they need now to help make the country more competitive and secure.”
Click here to download a copy of the report.
Notes to editors
- In Q4 2018, Vanson Bourne undertook research on behalf of the SANS Institute, questioning 4000 students aged 14-18 across EMEA. Countries surveyed include the UK, France, Germany, the Netherlands, Belgium, the UAE and Saudi Arabia. Out of the total sample base of 4000 students, 1000 respondents were based in the UK, with the other countries in the survey providing 500 student respondents respectively.
- Generation Z or the iGeneration usually refers to those born after 1995. In the context of this report, we polled students between the ages of 14 and 18. Reports indicate that the iGeneration will account for a huge proportion of the world’s population (32%) this year.
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (https://www.sans.org)