In this exclusive interview, Barry Searle, Managing Director at Intelligencia Training, discusses cyber security risks to Critical National Infrastructure (CNI) sectors and how organisations can build cyber resilience by ‘upskilling’ through apprenticeships.

Intelligencia Training, the UK’s leading provider of Higher Apprenticeships to the protective services sector, is playing an integral role in helping CNI sectors to enhance their cyber resilience. Recognising the need for training that provides a ‘real-world’ solution, the apprenticeship provider recently welcomed the addition of the Level 4 Cyber Security Technologist Apprenticeship Standard to their portfolio.

Cyber security threats are evolving and UK CNI, including the chemical industry, is increasingly being targeted by malicious actors. A successful cyber attack against any CNI sector poses a significant threat the nation’s security. Despite these threats, cyber security skills shortages are still widespread.

Speaking to Chemical Industry Journal, Barry Searle, Managing Director at Intelligencia Training and a former military Intelligence professional that has worked across a number of law enforcement agencies and Intelligence services, shared insight into the current threats CNI sectors are facing.

Q1: What are the current cyber security risks to CNI sectors?

“We are living during a period of International insecurity within Europe for the first time since we became dependent upon Digital within our CNI. A lot of the equipment that we are using across our CNI networks was developed long before we began considering cyber attacks against our infrastructure and as such is often vulnerable.

Cyber threats have evolved to be about far more than data theft, many groups now focus on operational disruption as a way to generate revenue or have political impact and as such attacks against CNI are increasing all of the time.”

Q2: Why is training important for CNI sectors to increase cyber resilience?

“Training is essential as we need to understand the risk to appropriately mitigate it. If I compare organisations working in traditional CNI (water, energy, transport) to the likes of financial services institutions, the level of organisational cyber security knowledge is less mature as it has not been a focus for as long. That is partly because the regulators in lots of our CNI sectors have only more recently started holding organisations to account, but also due to a misconception that cyber security education is more important for those accessing data and financial information. In reality, it is arguably more important that an engineer accessing critical equipment in an electricity substation or water treatment works has a greater understanding than somebody sat behind a desk in accounts.”

Q3: What differentiates the Level 4 Cyber Security Technologist from other programmes?

“With all our programmes we focus on role specific context and the development of skills. Our programme is different as it is the only version of the apprenticeship curriculum that is specifically designed for those working with Industrial Control Systems and Operational Technology, and is taught by some of the UKs leading experts in this field.

Lots of cyber security curriculums are made around the most generic operating systems and technologies as a best fit but this doesn’t work in lots of industrial environments as equipment is specialist. Our curriculum focuses on the right fit, rather than a best fit. It is also exceptionally skills focused. We deliver the knowledge elements but provide ample opportunity for skills to be coached and trained, providing confidence that we are building capability that is useful to the organisation.”

Q4: Can organisations use this apprenticeship to ‘upskill’ their existing workforce?

“Absolutely, and this is often the best way to initially implement an apprenticeship scheme, as those already employed by an organisation have a better understanding of working practice, culture and objectives.

We regularly work with organisations looking to upskill and cross skill their existing workforce. Those that work in IT, data or conventional security roles can build on existing organisational knowledge and cyber security specific skills, allowing for movement across the organisation and increasing opportunities for role diversification and promotion, reducing the need for new recruitment and increasing natural retention.”

Intelligencia Training is an ‘Excellent’ employer-rated and award-winning apprenticeship provider. Through their unique delivery models and commitment to supporting individual employer and learner needs, the organisation consistently maintains an above national average learner success rate.

The recent addition of Level 4 Cyber Security Technologist Apprenticeship Standard builds upon their mission to offer new, role-relevant opportunities to professionalise and standardise knowledge and skills across Intelligence, Investigative and Security provisions.

For more information on the Level 4 Cyber Security Technologist Apprenticeship Standard, please contact info@intelligenciatraining.com.

www.intelligenciatraining.com