 |
| IT Security Professionals Need Advanced Skills Training |
The digital era will lead to changes on a scale that will dwarf the disruption caused by the rise of the commercial Internet during the 1990s.
Businesses and governments are rushing to go digital. They want to find ways to make money and grow from the merging of mobility, big data, cloud, collaboration, and the Internet of Things (IoT).
Companies hope to ride the digital train to new markets. Governments prize digitization’s capabilities to transform communities. The same goes for criminal enterprises. Of all the challenges in this vast digital transformation, two are the most pressing.
Cybercrime is the first. Human beings, information, and machines are now connected. It makes it easier for criminals to steal precious data. Such data includes trade secrets, network performance benchmarks, and customer behavior patterns. And personal identities, items of national security, and private medical records.
The second is the scarcity of advanced security skills. Not enough IT professionals are trained and certified to meet the need for digital security expertise. The Bureau of Labor Statistics predicts that demand for cybersecurity analysts will grow 18 percent by 2024 in the United States alone.
❤❤❤
Digital security needs are different
New technologies are part of the digital era. Among these are software-defined networking (SDN), mobility, enhanced security, flexible access, and virtualization. IT departments must also work with the cloud.
Each new technology affects other technologies and brings up new security concerns. For example, an organization must understand today's security requirements to set up cloud and enhanced access.
Digitization focuses on intelligence and automation software. The old IT security practice of “set it and forget it” doesn’t work anymore. Threats are dynamic, evolving, and arriving from anywhere and everywhere.
Online criminals use sophisticated technology and tactics. They do not give up their efforts to hack into networks and steal data. They have surpassed security professionals’ ability to protect the growing amount of data across a growing number of systems and users.
A recently published study was conducted by the Center for Strategic and International Studies (CSIS). The survey polled 775 IT decision-makers at organizations in eight countries. An incredible 82 percent reported a shortage of cybersecurity skills.
This situation has a huge impact on any organization’s security capability. It shows the depth of talent in critical roles, pushes costs up to retain talent, and makes it impossible for staff to keep up with changing threats.
Other factors add to the problem. First, the security landscape is more and more complex. A typical enterprise has between 30 and 40 different security vendors in its network. Each part of this patchwork must be updated independently. This raises the chances that an attacker can exploit the weak spots in this piecemeal defense.
Second, cyberattacks are evolving. They are now conducted by cybercrime organizations and government-sponsored agents. The IoT provides new and unexpected ways to access systems and information by connecting more and different types of devices.
Today more than 10 billion connected devices run 77 billion applications. By 2020, there will be more than 50 billion connected devices, and more than 500 billion a decade later. That’s a huge growth potential not only for organizations but also for criminals. The IoT enables criminals to take control of devices for ransom in addition to stealing data outright.
Training for better IT security
This situation can improve. Organizations can defend themselves against digitization’s new security challenges. The answer is to invest in their people.
Organizations need IT security professionals who can identify malicious acts. They can see the connections between different activities. And they can classify events quickly by separating out false from true positives.
Digital security teams need operations specialists as well as the usual perimeter guards and security architects. Operations specialists watch over IT security systems, detect cyberattacks, and gather and analyze evidence. They also compare information and coordinate responses and can tell if an intrusion or security-related event has happened or is taking place.
Operations specialists also analyze telemetry data from various feeds used to assemble logs into related chains of events. They sort out relevant chatter taking place during a security event. Their unique skills improve security teams. They are another defense against new threats.
A new generation of IT security
As cybercriminals diversify their methods, federated security teams become more popular. That’s because attacks and threats now come from outside and inside the organization.It takes skilled engineers to design thorough detection mechanisms. Analysts and investigators are needed to comb through all information sources to find the needle in the haystack.
As widespread digitization’s security changes become clear, so does the response. Organizations and governments must invest in resources and the right training. They need it to develop networking professionals with the advanced skills to avert the far larger costs of successful cyberattacks.
Organizations must do everything possible to keep this data safe. In addition, IoT controls can be hijacked remotely if hacked, adding a new layer of risk.
While thieves reap big rewards for stealing data, businesses and other entities pay a rising price. The Ponemon Institute looked at 350 companies in 11 countries in 2015. It found that the average consolidated total cost of a data breach is $3.8 million, up 23 percent in just two years.
There are two reasons for this increase. Thieves are better able to steal – or ransom – much more valuable information assets. New, tougher regulatory penalties place additional burdens on IT systems.
Only professionals with advanced skills can keep data, networks, and machines safe. They can also securely connect networks, devices, and people. More than ever, properly trained and certified professionals are needed to keep IT infrastructure safe and to deflect ever more nefarious cybersecurity threats.
Post a Comment