Enterprise digitisation and changing threats mandate more advanced security skills

In the digital age, security is Job No. 1 for everyone, job title aside. Every facet of networking must be viewed through a security lens. Businesses and governments are rushing to take advantage of the profound shift brought about by the merging of mobility, big data, cloud, collaboration, and the Internet of Things (IoT).

Enterprises hope to ride the digital wave to markets not yet imagined. Governments crave greater digital capabilities. The same goes for criminal enterprises. Of all challenges in this vast digital transformation, two stand out. Cybercrime is one. Human beings, information, and machines are now connected. It is easier for criminals to steal precious data. This includes trade secrets, network performance benchmarks and customer behaviour patterns. Not to mention the personal identities, items of national security and private medical records that keep cropping up in the news.

The shortage of security skills is the other. Not enough IT professionals are trained and certified to meet the soaring need for digital security expertise. The Bureau of Labor Statistics predicts that demand for cybersecurity analysts will grow 18 per cent by 2024 in the United States alone.

For organisations to take full advantage of digitisation, they need to have strong and well-rounded security teams. Yet today’s security team will look a lot different from yesterday’s. The digital era means new technologies. Among these are software-defined networking (SDN), mobility, enhanced security, flexible access and virtualisation. Networking professionals must also work with cloud deployment models.

Each new technology affects other technologies. It brings up new security concerns. An organisation, for example, must understand today’s security requirements to set up cloud and enhanced access. Digitisation emphasises intelligence and automation. The world is increasingly controlled by automation software. The old network axiom of “set it and forget it” doesn’t work anymore. Threats are dynamic, evolving and striking from anywhere and everywhere.

Online criminals use sophisticated technology and tactics. They continually try to breach network security and steal data. They have surpassed the ability of networking and security professionals to protect the growing amount of data across a growing number of systems and users. A recently published study of the cybersecurity skills shortage was conducted by the Center for Strategic and International Studies (CSIS). The study polled 775 IT decision makers at organisations in eight nations. An astounding 82 per cent reported a shortage of cybersecurity skills. This situation has a huge impact on any organisation’s security capability. It shows up in the dearth of talent in critical roles. It pushes costs up to retain talent. And it makes it impossible for staff to keep up with changing threats.

Other factors make the problem worse. First, the security landscape is increasingly complex. A typical enterprise has between 30 and 40 different security vendors in its network. Each part of this patchwork must be updated independently. This raises the chances that an attacker can exploit the weak spots in this piecemeal defense.

Second is the changing nature of cyberattacks. They now come from organised cyber-criminals and government-backed groups. In addition, by connecting more and different types of devices, the IoT opens up new and unforeseen ways to access systems and information.

Today more than 10 billion connected devices are running 77 billion applications. By 2020, there will be more than 50 billion connected devices and more than 500 billion a decade later. That’s a huge growth potential not only for organisations, but also for criminals. With the IoT, criminals are now able to take control of devices for ransom in addition to stealing data outright. This situation is not hopeless. Organisations can defend themselves against digitisation’s new security challenges. The answer is to invest in their people.

Networking professionals must be able to identify malicious acts. They should see the connections between different activities. And they should be able to classify events quickly by separating out false from true positives. Digital security teams need operations specialists as well as perimeter guards and security architects. Federated security teams are more popular because cybercriminals’ methods are more diverse.

Security operations specialists watch over IT security systems. They detect cyberattacks, gather and analyse evidence, compare information and coordinate responses. They can tell if an intrusion or security-related event has happened or is taking place. In addition, they analyse telemetry data obtained through various feeds used to assemble logs into related chains of events. This allows them to sort out relevant chatter taking place around a security event.

Hiring and training employees with these specialised skills helps organisations enhance their existing security teams. Operations specialists are another defense against new threats. Today, attacks on the network come from multiple directions, both inside and outside the enterprise. It takes skilled engineers to design comprehensive detection mechanisms. Analysts and investigators are needed to comb through all information sources to find the needle in the haystack.

As the security changes brought by widespread digitisation become more obvious, the response is clear. Organisations and governments must invest in resources and the right training. This investment is needed to develop networking professionals with the advanced skills to avert the far larger costs of successful cyberattacks.

Yesterday’s knowledge and security techniques don’t work in the digital era. Network-connected devices generate a huge amount of data every 24 hours. They produce 277 times more data daily than do people. Each day brings a new goldmine that is ever more enticing to steal. This valuable data is often sensitive, proprietary or confidential. Organisations must do everything possible to keep this data safe. In addition, IoT controls can be hijacked remotely, adding a new layer of risk.

While thieves reap big rewards for stealing data, businesses and other entities pay a rising price. The Ponemon Institute looked at 350 companies in 11 countries in 2015. It found that the average consolidated total cost of a data breach is $3.8 million, up 23 per cent in just two years. This rise represents two things. More than ever, thieves are able to steal – or ransom – much more valuable information assets. New, tougher regulatory penalties place additional burdens on protecting networks.

Only professionals with advanced skills will keep data, networks and machines safe, or securely connect networks, devices and people. Businesses need properly trained and certified professionals to secure infrastructure and avert more sinister cybersecurity threats.

Tom Gilheany, product manager, CISSP, Cisco Systems
