Norwegian State Discusses Vulnerabilities with Private IT Sector

National security is now an area of deep concern for Norway. This includes the protection of primary IT networks and communications platforms. As a result, the Norwegian government aims to discuss vulnerabilities with private IT sector.

Discussing Vulnerabilities with Private IT Sector

Talks between the government and industry leaders will cover a broad range of issues. The immediate goal is to discover the more important vulnerabilities and resolve them with best practices. Norway’s IT industry has been addressing the issue of vulnerabilities to the government for many years. The industry has often made a point about the increasing level of risk across ICT sectors.

Tekna, the Norwegian organisation for graduate technical and scientific professionals, issues a warning in August. They addressed the need to scale up network security and develop IT training for professionals.

Not Enough ICT Professionals have Required Knowledge

In a Tekna survey of ICT professionals specialising in network security, 56 per cent of professionals were said to have only a medium level of security knowledge. 10 per cent claimed to have “little or no knowledge of ICT security systems or protocols”. Only 36 per cent of those in the survey believed to have the necessary level of ICT security education for the work they were doing.

“What we discovered surprised us greatly,” said Tekna president Lise Lyngsnes Randeberg. “It was amazing to find that master’s degree professionals working in technology, and who are ultimately responsible for ICT security, openly admitted to having an inadequate security-based education to draw upon when attempting to fulfil their ICT work requirements.”

Tekna’s survey has added significance as 500 of the organisations most qualified members took part. Each of these individuals holds a Master of Science degree or higher within the ICT industry. One of the survey’s discoveries that stands out is that the skills deficit in the ICT industry threatens to hinder efforts to eliminate security vulnerabilities in networks.

“For us, what this ICT security study shows is that it’s now of paramount importance to take immediate action, at the educational system level, to strengthen ICT security knowledge in Norway,” said Randeberg.

Training Issues

Education and training problems are top of the list for the talks between the Norwegian government and the tech sector. Topics within these talks will be stated investment in IT-related education and training at secondary schools, third level colleges and technical institutions.

The long-term goal is to redefine the needs of the ICT industry in Norway. They also aim to define how a unified approach between public and private sectors can bring the necessary skills to the ICT industry. A key obstacle for everyone will be undoing the trend of fewer professionals choosing to take a PhD in ICT in Norway. This spells danger for ambitious ICT sector that is eager to use advanced human expertise to drive innovation and competitiveness.

The collaboration between public and private sectors is supposed to create more public spending on basic, intermediate and advanced ICT security education and training. There will be a particular focus on raising the importance within Master and Doctorate curricula. All information and communications systems security are likely to become a necessary part of all future ICT education and training in Norway.

Problems in Recruitment

This proposed new layer of security expertise will make ICT enterprises in Norway happy. Recently, these enterprises have experienced increasing difficulty in recruiting the best in IT talent. This should benefit both the public and the private sector.

The competitiveness and the need to improve advanced skills flow to the ICT industry is the main concern for government officials and industry bosses. In August, the risk of a rolling skills deficit was highlighted after the publication of the Abelia Reversal Barometer for 2018 (ARB-2018) technology Survey.

Conducted by research organisation Ny Analyse, the survey downgraded Norway in terms of competitiveness, ranking against 29 other countries. Norway dropped from 13th to 20th position in its technology innovation, development and available ICT skills league tables. The key indicators in the survey are mixed and somewhat conflicting. The study found that Norway a is still top of the class, per ratio of population, for digital use. However, the scale of Norway’s ICT sector and level of ICT-related research shows it still lags behind many western competitor nations.

 “It is absolutely true that Norway has embarked on a series of measures to advance our development and use of digitisation,” said Håkon Haugli, CEO of Abelia. “Although the Norwegian government is very boastful of this, other countries are making greater gains. We must measure ourselves against the best. We score well for the scope of our education, but are placed poorly on expertise, especially in ICT.”

The sector is Likely to Self-Correct

The ARB-2018 survey has many positives and indicators to suggest the ICT sector is likely to self-correct soon. The survey notes that Norway’s ICT industry is going through an elevated innovation phase. Business and industry sectors should increase their ICT-related research and development investments significantly over the next 5-10 years. This renewed focus in network security partly comes from increasing state-led investments in national projects created to offer better protection around the country’s critical ICT infrastructure.

The increased national security threats posed by attacks from hostile cyber activity has created a number of far-reaching capital investments and security projects. The latest of these is the establishment of a National Cyber Security Centre (NCSC). This will operate under the National Security Authority (NSA), which forms part of the Ministry of Defence (MoD). The NCSC will be funded from the MoD’s budget. The NSA has also been tasked to run an enhanced Digital Infrastructure System (DIAS) project. The €53 million capital allocation assigned to this venture is mainly created to expand, strengthen and modernise the DIAS’s capabilities.

Join us for ESRM UK

The cyber threat landscape is growing in complexity, resource and sophistication. We see fresh attacks every day that are imaginative in execution and potentially devastating in impact. Meanwhile, the cyber domain has moved into every area of modern life, from the SCADA systems of nuclear stations to the smart homes they power. Join us in September 2019 as we showcase the latest tools and technologies to help public and private sector security professionals enhance their security posture, stay ahead of the curve and celebrate key milestones in the Cyber Security industry.