The Ministry of Defence (MoD) has established a new “cyber pipeline” which will fast track training for recruits who will be working in cyber defence.
In an effort to increase the number of cyber professionals as quickly as possible, the MoD announced on Thursday that basic training for recruits in that field will be shortened from 10 weeks to one month.
From there, the recruits, who Secretary of State for Defence John Healey has dubbed “cyber warriors,” will undergo three months of specialist training at the Defence Cyber Academy in Shrivenham, Oxfordshire.
By the end of 2025, trained personnel will then be moved into operational roles. They will either be working at the Defence Digital headquarters at MoD Corsham in Wiltshire securing military networks, or be sent to the National Cyber Force in Samlesbury, Lancashire, to conduct cyber operations to disrupt online threats.
The entry routes will be for aspiring cyber professionals and those who already have existing skills, with recruits set to have starting salaries of £40,000 a year, which is one of the highest in the armed forces.
Recruitment for these cyber roles will initially be through the Royal Air Force and Royal Navy, with the Army joining for subsequent recruitment campaigns in 2026.
‘New Front Line’
The MoD said that with the rapid development of technologies and the nature of warfare changing, the UK needs to be able to face these growing threats.Announcing the plans, Healey said, “Fast tracking cyber warriors into our military will help ensure our Armed Forces are better equipped to face our adversaries in the 21st century and defend the country from the changing threats we face.”
Minister for the Armed Forces Luke Pollard said that given the number of cyber attacks conducted against military networks, “it is essential that we step up our cyber defence, fast-tracking the brightest and the best cyber specialists to help protect the UK and our allies.”
Launching the scheme during a visit to MoD Corsham, Pollard continued: “We are in a new era of threat, with cyberspace as a new front line. Our government will deliver for defence by boosting recruitment efforts, cementing our national security as the foundation of our Plan for Change.”
New Severity Rating System
Also on Thursday, the independent Cyber Monitoring Centre (CMC) announced a system for categorising cyber events impacting organisations.The CMC will categorise cyber events that have a potential financial impact greater than £100 million. These events, including cyber attacks and IT outages like the CrowdStrike incident, will be categorised from a scale of one (least severe) to five (most severe).
Chairman of the CMC’s Technical Committee and former Chief Executive of the National Cyber Security Centre (NCSC) Ciaran Martin said the new system will help businesses respond and recover.
Martin said: “I have no doubt the CMC will improve the way we tackle, learn from, and recover from cyber incidents. If we crack this, and I’m confident that we will, ultimately it could be a huge boost to cyber security efforts not just here but internationally too.”
Underestimating Cyber Threats
In December, the NCSC said that the UK was underestimating the cyber threats being faced from hostile state actors as well as criminal threats.The annual NCSC review found that there had been an increase in the number of cyber incidents which needed help from the agency, including 89 categorised as “nationally significant,” with 12 at the top end of the scale and deemed the most serious.
One of the hostile state actors highlighted in the report was China, with the NCSC calling the communist regime a “capable threat actor, targeting a wide range of sectors and institutions across the globe, including in the UK.”
The NCSC assessed that threat actors were “almost certainly responsible” for malicious cyber campaigns against parliamentarians in 2021 and for compromising computer systems at the Electoral Commission between 2021 and 2022.
