Canadian Cyber Security Journal

Cybersecurity skills gap: Why bad security is worse than no security

AND Digital’s Jeff Watkins discusses the dangerous cybersecurity skills gap and what should be done to tackle the problem.

With technology firmly forming the backbone of modern industry, it comes as no surprise that with such innovation comes great threat. The shift to digital has meant many organisations have had to scramble for quick-fix solutions to enable business continuity, especially since the pandemic began. What isn’t always considered though, is the increased vulnerability to cybercrime this entails.

It’s a fact that cybersecurity is certainly not a strong point for most organisations – the skills simply aren’t there. In the UK, for example, high proportions of businesses lack staff with the technical, incident response and governance skills needed to manage their cybersecurity; an uncomfortable 48pc of companies are estimated to have a basic skills gap. Meanwhile, Cyber Ireland estimates a global shortfall of between 1.8m and 3.5m security professionals within five years.

Quantum computing is becoming a feasible method of attack in the near future, and the rate of technical evolution is otherwise immense: a roughly two to three-year cycle of significant change in the tech we use means companies are left exposed and ill-equipped to defend themselves and their data. On a broader level, critical infrastructure is already constantly at risk of hacking, highlighting the urgent and persistent need to invest in cyber skills – and fast.

Clearly, there’s much work to be done not only when it comes to fortifying tech systems against vulnerability, but also in equipping teams with the skills they need to operate and detect threats as they occur. The real threat, arguably, is for businesses with security patches that simply are not up to scratch – the false sense of security can lead to complacency and let threats creep in under the radar.

Cybercrime on the rise

The accelerated shift to digital industry we’re currently experiencing, fuelled by Covid-19, has been applauded, but it definitely comes with risks. Such a rapid switch to home working and learning has brought with it a deluge of cyberattacks, security vulnerabilities and a rise in ransomware attacks involving exfiltrated data being leaked.

Arguably, the number of incidents was already increasing steadily pre-pandemic; however, many organisations had to pivot to remote working without time to consider the security implications. As a result, cybercrime is growing exponentially.

High-profile education bodies, for example, which handle highly confidential data and intellectual property, have most recently been targets of data breaches and fraud because their defence systems are typically less sophisticated than those of large corporations. With this in mind, leaders must seriously consider the implications of dispersed users by protecting and centralising their networks where possible.

Bad to worse

Bad security is in many ways worse than no security. This false sense of safety can lead to complacency and, in turn, huge holes for hackers to infiltrate. Inevitably, this can have devastating effects.

Aside from budgetary constraints, the increase in remote devices and miscommunication of policy can lead to flawed security. All staff must be operating on secure networks, and with the de-matrixed work setting this has been a real challenge. Investment in training and best practice can no longer be left by the wayside, and responsibility for secure working can no longer rest solely on the IT department.

A zero-trust approach – that is, treating all devices as untrusted – should be adopted as standard. The dispersed workforce means businesses can’t rely on 100pc secure communication channels, and BYOD (Bring Your Own Device) adds its own layer of complexity and risk. Teams of all sizes must ensure they keep a firm eye on guidance and build it into their long-term infosec strategy.

Fundamental skills and strategy

For DevOps teams to really tackle the widespread risks and keep pace with the increase in cyberattacks, competency in some core skillsets is a must. Security practitioners must be able to handle incident response and be literate in Security Information and Event Management (SIEM) tools and services.

Aptitude in creating automation and real-time analysis should translate into incident response plans, which in turn should be built into long-term risk management conversations. Spotting issues early and responding to them in good time can make a world of difference and could even prevent a large-scale disaster.

Alongside these basic skillsets, knowledge of intrusion detection, firewall management, application security development, mobile device management, digital forensics, and identity and access management will stand businesses in good stead to defend themselves digitally.

For publicly funded organisations especially, lack of budget and appropriate training could be the main blockers to secure digital transformation.

Remembering that people are still very much behind the wheel of all cyberthreats should motivate businesses to invest in their own people. Gifting them with the knowledge to combat advanced security threats and giving them insight into what’s at stake will undoubtedly safeguard against future threats for years to come. It’s worth the investment.
