The cyber security skills your business needs
The threat landscape is constantly evolving, so it's important your staff are equipped with the right tools
It seems that every other day we are reporting on a new external threat or software vulnerability capable of threatening businesses across a range of industries. This is why it should come as no surprise that companies which lack a cyber security department are paying the price – $14.8 million per year, to be exact, and that’s only in the US. This is according to the latest Cost of Phishing report, which also found that the costs for resolving malware infections have more than doubled in the last six years – from $338,098 in 2015 to $807,506 in 2021.
When it comes to data breaches, the average cost of such an incident has risen to $4.24 million (roughly £3.03 million) in 2021 – the highest amount in the 17-year history of IBM’s annual data breach costs report. This is partly due to the rapid shift to remote working, with incidents costing on average $4.96 million (£3.57 million) when remote working was a factor versus $3.89 million (£2.8 million) otherwise.
On top of that, companies are sabotaging their cyber security efforts with a mixture of poor recruiting and training practices, with the skills shortage in this sector being as bad as ever. Of the 489 cyber security professionals surveyed for the 2021 edition of the Life and Times of Cybersecurity Professionals report, 44% said it had worsened, while half said it was around the same over the past few years. The answer to this problem? Carve out more time for training in staff schedules, the report advised. To find out which cyber security skills you should invest in, read on.
The evolving threat landscape
Regardless of the size or type of your company, it's highly likely that you will have to address a cyber security incident sooner or later. But the problem isn't just the frequency of attacks, which have increased thanks to the rise of user-friendly tools and hacker-for-hire services. Threats today are becoming incredibly sophisticated and are capable of evolving at a pace that far exceeds any cyber defence strategy.
Modern cyber attack strategies are usually multi-pronged. Active or passive reconnaissance may first be undertaken as a preliminary for harmful attacks. Botnets, which are comprised of entire armies of infected machines, can be released, growing as new targets are infected through drive-by downloads of trojan horses. And island hopping is the latest threat keeping CIOs up at night.
The cyber security skills your business needs: Ethical hacking
Part of the ongoing battle is having the right people, in the right place, at the right time. Cyber security requires a very specific skill set, and a workforce that's prepared to work reactively and proactively to deal with threats. Often, the perfect security employee is, ironically, a hacker, only the ethical kind. The role requires that employees are able to figure out the exact nature of the threat they are facing, whether that's simple password exploits or complex malware-based attacks, and devise an appropriate response.
When assessing skills, and developing a strategy, it's important to also factor in the attack vectors as well as the threats themselves. The rise of technology like IoT and edge is increasing the opportunities for attacks, and with most companies now moving to either pure cloud or a hybrid approach, this can make things even more difficult to secure.
The cyber security skills your business needs: Network security
Cyber security isn't just about dealing with external threats - internal threats, whether accidental or malicious, also pose a significant risk to businesses. Good network security is key to preventing data loss due to this type of incident and any candidate should be able to enact policies and controls within and around the network.
Such policies could include network access control, such as restricting the type of device that can access the network, or restricting what a device or user can do once connected. For example, those who aren't employed by the HR department shouldn't be able to access HR files, nor should those not working in the finance department be able to access financial data.
There is a wide range of tools available to administrators to enact these types of policies, including VPNs (virtual private networks), firewalls or more recent innovations like machine learning algorithms, which can quickly identify when a user or device is behaving unusually and cut it off. Firewalls are now being integrated with machine learning to produce the web application firewall (WAF) tool. Though not entirely foolproof in their ability to spot the difference between human and machine users, WAFs usually provide enough of a barrier to dissuade hackers from targeting your applications.
Software can also be deployed to divide servers into micro-segments, which can halt the spread of infection throughout the network.
The cyber security skills your business needs: Cloud security
These days, virtually all organisations use the cloud to some degree. This means that organisations need to secure data and applications using the cloud in addition to securing their own on-premise infrastructure.
There is, however, a shortage of cybersecurity professionals with expertise in the cloud. Nearly a third (29%) of businesses claim to have a shortage of cloud security skills, according to 2017's ISSA/ESG survey.
The responsibility for ensuring the security of data and apps in the cloud is with an organisation, and not with the company that provides the cloud service. As organisations move from dealing with on-premise threats to cloud-based threats, they need professionals with cloud security skills.
Among the cloud security threats is poor identity management, as hackers may mask themselves as legitimate users in order to access, modify and delete data.
Another cloud security issue is poorly-secured cloud apps. Most apps and cloud services use APIs to communicate and transfer data. This means the security of the API directly affects a cloud service's security. The chance of a data breach increases when third parties are granted access to APIs.
Institutions such as SANS and CSA offer cloud security certifications for professionals to increase their skill sets in this area.
The cyber security skills your business needs: Risk management
The base skill any cyber security specialist should have is an understanding of risk management - knowing how best to respond if and when the company is hit by a threat. Good risk management is always built on solid strategies and procedures for dealing with security events. Despite this, insurance broker Marsh reported that business leaders are not prioritising risk management as part of their wider IT security strategies.
Such a strategy should follow three steps: prevention (how to reduce the risk of an attack), resolution (steps to follow if an attack is successful), then restitution (repairing customer trust, or generally mitigating any consequences of a hack).
Since risk can't be eliminated entirely, this skill is incredibly important. Risk management helps prevent or decrease uncertainty within an organisation and improves its overall efficiency, confidence, and reputation.
The cyber security skills your business needs: Patching and software management
When an organisation stores a lot of data on-premise in its own data centres, it needs a security expert that understands the importance of regular software updates, as well as how to roll them out across the business with the least possible disruption.
Patch management is key to ensuring malicious actors are unable to attack an organisation via a disclosed vulnerability. Most software programmes issue a sequence of patches after the initial release of the software, so the security expert must continually download and apply them to ensure systems remain protected. Microsoft takes this a step further, following a weekly patch release schedule for their customers.
Organisations using SaaS software will have an easier time because updates are made to the cloud directly from the vendor. Vendors also provide an audit trail, ensuring compliance needs are met. It's still important to keep an eye on any security issues within these products, though.
The cyber security skills your business needs: Big Data analysis
Analysing large amounts of data is another essential skill in cybersecurity. An example of how data analytics is a useful cyber security skill can be found when looking at advanced persistent threats (APTs).
According to the Cloud Security Alliance, advanced persistent threats (APTs) generally aim to steal intellectual property or strategic business information and are currently among the most serious security threats to organisations.
Big Data analytics is beneficial for detecting APTs as there is typically a huge amount of data to look through in order to find anything abnormal. Without it, this process would take much longer and be less likely to identify any threats.
The cyber security skills your business needs: Non-technical skills
When it comes to cybersecurity, non-technical skills are just as important as technical expertise. For instance, strong communication skills are essential for communicating a threat clearly and making sure other departments understand the importance of security. Teamwork and collaboration also play a role, as experts work in various teams to ensure the job is done effectively.
Moving away from siloed workspaces and integrating departments can generate the transparent, collaborative culture necessary to ensure ideas and issues are not lost in translation.
The cyber security skills your business needs: Governance
Governance plays a large role in cybersecurity as well. For example, if a cloud computing data breach occurs, the service provider should alert all customers of said breach - even the ones who were not impacted. The provider should then make efforts to identify and resolve any issues or vulnerabilities. Under new data protection laws, known as the General Data Protection Regulation (GDPR), organisations must inform affected users and the data protection authority within 72 hours of a breach, or face a fine of up to 2% of their annual turnover, or €10 million.
The proliferation of regulations being applied not only protects consumer privacy, but also protects business data and IT infrastructure. Compliance benefits both the organisation and any customers and partners it comes into contact with. It is important, though, not to be so focused on compliance alone that actual cyber risks are forgotten.
The cyber security skills your business needs: Automation
One solution being proposed to cover the problem of the cyber security skills gap, while also improving security in businesses overall, is the increased use of automation.
Most of this focuses on the use of machine learning and artificial intelligence (AI) to identify known and potential threats faster, while also reducing some of the false positives seen in earlier automation. This means that anything flagged as a potential issue is less likely to be a waste of human time.
AI and machine learning can identify threats by type, such as ransomware or phishing attempts, whether or not the malware is already known. They can also identify errant behaviour by users, for example, if a person who works 9-5 becomes active at 3am, or starts trying to access systems and data that they don't normally use or don't have the appropriate privileges for. This could be indicative of a successful hack or an insider threat and can be investigated by the appropriate members of the IT team.
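The off-hours and unusual-access checks described above, as an added example that is not from the original article: it uses a simple per-user baseline in Python rather than a machine learning model, run over constructed log lines. The log format, the user and resource names and the `slack_hours` tolerance are assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events (not real logs): ISO timestamp, user, resource.
BASELINE = """\
2021-09-06T09:12:00 alice crm
2021-09-07T16:55:00 alice wiki
2021-09-07T23:40:00 bob backup
"""
NEW_EVENTS = """\
2021-09-09T10:20:00 alice crm
2021-09-10T03:04:00 alice crm
2021-09-10T03:06:00 alice hr-files
2021-09-10T00:10:00 bob backup
2021-09-10T14:00:00 carol wiki
"""

def parse(text):
    """Yield (datetime, user, resource) from whitespace-separated lines."""
    for line in text.splitlines():
        if line.strip():
            ts, user, resource = line.split()
            yield datetime.fromisoformat(ts), user, resource

def build_profiles(events, slack_hours=1):
    """Per user: hours of day seen (widened by slack) and resources used."""
    profiles = defaultdict(lambda: {"hours": set(), "resources": set()})
    for ts, user, resource in events:
        for h in range(ts.hour - slack_hours, ts.hour + slack_hours + 1):
            profiles[user]["hours"].add(h % 24)  # wrap around midnight
        profiles[user]["resources"].add(resource)
    return profiles

def flag(events, profiles):
    """Return (timestamp, user, resource, reasons) for off-profile events."""
    alerts = []
    for ts, user, resource in events:
        p = profiles.get(user)
        if p is None:
            reasons = ["no-baseline"]  # account never seen: review manually
        else:
            reasons = [name for name, off in (
                ("unusual-hour", ts.hour not in p["hours"]),
                ("new-resource", resource not in p["resources"])) if off]
        if reasons:
            alerts.append((ts.isoformat(), user, resource, reasons))
    return alerts

def run():
    return flag(parse(NEW_EVENTS), build_profiles(parse(BASELINE)))
```

Calling `run()` leaves the night-shift account's post-midnight backup job unflagged because its baseline already covers those hours, which is the false-positive reduction the section refers to.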
The most modern enterprise security software offers AI and machine learning capabilities, although what you choose to adopt will depend on the skills already present in your business. If there's no one who knows how to investigate and remedy potential and actual hacks, you will need to train someone up in this area in order to use the software effectively.