Britain has never depended more on connected technology systems than during this outbreak. Millions of employees are working from home, using personal devices and connecting to WiFi networks which are potentially insecure. Security teams are working round the clock to ensure that, at a time when Britain is more vulnerable than ever, connected technologies do not cause further problems for the safety and security of this country.
But the truth remains: our technological capabilities and resilience to upset is being challenged, leaving the UK more vulnerable than ever to cybercrime, and without enough cybersecurity talent, our defenses are weaker than ever.
According to the Global Information Security Workforce, the UK is set to have 100,000 empty cybersecurity jobs by 2022. Who knows how far this number could be affected by the current crisis? Considering the extent and damage that attacks like WannaCry have generated in the past, the UK’s startling deficit of cybersecurity professionals is concerning.
A changing society threatens cybersecurity
The Covid-19 crisis is affecting people in all walks of life. While each industry should focus on doing its bit to protect people and stop the spread, each also faces its own challenges. Hiring is significantly down on this time last year, destabilizing organizational ability to build stronger cybersecurity teams to protect fragile businesses. Organizations are scrambling to source enough talented cybersecurity professionals to fill all of the roles necessary to defend systems, develop fresh solutions, and monitor for new threats.
BlackBerry recently discovered remote access trojans which worked for nearly ten years to steal intellectual property and threaten systems, going mostly undetected. As the threats are uncovered, it’s clear that our intellectual property, capital and sensitive data are at risk of being targeted, which some NHS hospitals have experienced first-hand.
We urgently need to boost the UK’s crop of cyber experts to fill the skills chasm the country has found in its workforce. Now with fewer international students planning to enter the country in the next academic year, along with the restrictions on movement caused by the coronavirus, Britain must optimize its current cybersecurity expertise.
The task at hand
Even before the Covid-19 crisis, workplaces were taking on more complex IT systems, as well as a greater number of connected devices. Maintaining a high level of protection had become increasingly intensive. New apps and technologies are also being adopted by millions to cope with the pandemic, yet without more cybersecurity professionals they cannot be properly secured from those wanting to exploit the situation for personal gain.
The skillsets of IT teams must match up to the level of the incoming threats. With understaffed cybersecurity teams and stalled training courses leaving trainees without the full skillset required, the task is even more difficult. The existing crop of professionals must now be able to carry out a greater volume of increasingly time-consuming tasks, most of which is spent chasing down an endless stream of alerts to assure that a large array of systems remain secure. Time remaining to complete important tasks like pen testing is dwindled away.
AI provides valuable reinforcements
Even the most talented of cybersecurity professionals can benefit from intelligent systems acting as reinforcements. Artificial Intelligence (AI) is the key to managing the volume of potential threats, spotting anomalies in data and dealing with menial and repetitive tasks whilst flagging potentially serious situations to the team. Automating these repetitive tasks helps to eliminate human error which could be a product of understaffed teams.
Take, for instance, one of the most common security problems: phishing emails. An employee might follow instructions in a phishing email not only because it looks authentic, but because it conveys some urgency (usually appearing to be from a manager or someone else of importance). With backup from intelligent technologies, falling prey to these deceptive emails won’t spell disaster. The AI spots the presence of malware and the attack is thwarted before data can be lost. Without the right technologies, however, human error like this could cause long-lasting repercussions for the organization.
This is where artificial intelligence can be a game-changer. We already use AI to simplify our home lives, using it to perform a variety of tasks, from turning on lights, to playing our favorite music. But if AI solutions are deployed in the workplace to work alongside existing teams, they can help to accurately and comprehensively contribute to the team’s hard work within the sphere of data security. AI can even offer actionable insights, which teams can then choose to act upon as they see fit. This allows professionals to spend more quality time and energy looking into deeper and more elaborate threats. By scaling a business’ defenses in this way, resources can be applied to more complex security issues and initiatives that advance the defensive posture of the organization.
We must act now to bridge the gap
The risks businesses are facing are stacking up as organizations become more dependent on remote work technologies that leave corporate networks more vulnerable to attacks than ever. This means that the huge shortage of qualified cybersecurity professionals is not only an industry crisis, but a national crisis as well. Expertise is vital if we are to reduce the number of successful attacks and subsequent data breaches which affect us all in one way or another.
The skills gap must be addressed if we are to mitigate the additional risks resulting from the increase of remote workers as a result of the Covid-19 crisis. As businesses endeavor to ensure their continuity and the protection of sensitive data during the oncoming recession, small cybersecurity teams must put up stronger defenses than they are equipped for. While it may take years to fill all the necessary cybersecurity roles to best defend Britain, right now the answer for businesses is to invest in intelligent technologies like AI-powered security. Businesses can multiply their cybersecurity power by deploying AI to manage large volumes of data, stop malware in its tracks and free up the team to focus on new threats. By working alongside automation, human teams will be better equipped and empowered to steer the organization through the challenges of today’s complex threat landscape.
Adam Bangle, Vice President EMEA, BlackBerry