By Sooraj Shah
‘Big Four’ firm KPMG has scaled down its sponsorship of the Cyber Security Challenge (CSC) because of a lack of credible talent for the firm to recruit.
In an interview with , the UK head of cyber security at KPMG, Martin Jordan, said that while the firm is still involved with the competition, and continues to sponsor the event, it has not had the effect that the firm had hoped it would.
“We’ve drawn down our involvement this year, sadly we didn’t see the CVs coming through and the sponsorship is quite expensive – we are a business. We still sponsor it, but there are a lot of other programmes going on,” he said.
Stephen Bonner, a partner in the information protection side of KPMG, said that one of the issues with the challenge is that it doesn’t reflect what a role in cyber security entails.
“Rarely in our career do we have a time-limited challenge with no conferring, it is slightly artificial and [caters for] the type of person who can perform well on their own under pressure, which is a desirable skill but not essential. Most of our problems are over a long period of time, about influencing others – not a puzzle,” he said.
But Bonner added that the challenge has at least grown awareness of cyber security as a profession, and said that he sympathised with the event organisers, suggesting that it is not the role of CSC to be a recruitment agency.
“I don’t think it was ever CSC’s role to find all of the candidates, they weren’t a recruitment agency. What we are yet to see is good economic research into what is causing a cyber-skills shortage and what interventions will make a difference, but it is unlikely that a series of competitions would be the most powerful [way of making a difference],” he explained.
Bonner believes that the competition can only reach out to a small number of people, and that a shift in the educational system – by adding a security module in GCSE Computing for example – would be a better way to raise awareness of cyber security, although he admits that it would take years before this had an effect.
Meanwhile, Jordan believes that the firm can benefit more by working alongside universities.
“We will certainly get more return on investment [than CSC] by going to Cambridge University on the weekend, working with the Computing and Technology Society there and having a challenge for them. There would be five of us [from KPMG] who can answer questions about our roles, and we can tell them that we don’t crack puzzles, but that we work on long-term solutions of a problem in securing data,” he said.
“That way we’re attracting people who are not hacker-wannabes but just very bright people that we can train,” he added.