The UK needs more young people entering the IT security profession if it is to avoid a skills shortage in the near future, according to the government’s special representative to business for cyber security.

“There are far too many people over 40 working in this area and not nearly enough in their twenties,” Baroness Pauline Neville-Jones told delegates at the ITEC conference in London yesterday.

Describing the need for fresh blood in cybersecurity as “urgent”, Neville-Jones warned that without young people entering the profession, the UK could face a significant skills shortage in IT security, hindering its cyber defence capabilities.

“At the moment there are about 2.28 million IT security professionals worldwide, reckoned to double in five years. Where are people going to come from? There’s not a flow-through, there’s not a stream – and it’s urgent,” she said.

Exposing children at an early age to cybersecurity job opportunities will be a way to create this stream, she suggested.

“If we want to get people interested, it needs to start in schools. People need to know this activity has a future and a framework,” she said.

In the short term, Neville-Jones said the UK needs to “patch, make do and mend”, and she believes that retraining people in cyber skills will play a significant role.

“Technology is releasing people from certain areas. We need to redeploy them. Retraining is a big part of this agenda. I do attach a lot of importance to get retraining going,” she said.

A survey of university IT students in the UK recently found that MI5, MI6 and GCHQ featured in the list of top 10 employers they would like to work for – but the likes of Google and Apple were still more popular.