It’s no secret that there’s a shortage of qualified personnel in the field of cybersecurity. It’s a problem that has long been noticed and one that is projected to get even worse—to the tune of 1.8 million by 2022, according to (ISC)².
Despite this massive skills gap on the horizon, the number of breaches appears to be declining. Appearances, however, can be deceiving. As criminals shift their tactics toward new types of threats, such as ransomware, they’re finding ways to do more than merely steal data. Ransomware attacks allow criminals to lock or delete data altogether, which ends up costing organizations more than a traditional data breach—despite it not being quantified by ‘records breached.’
With an expanding pool of threats to deal with and a shrinking pool of qualified people to address them, how do we tackle this serious problem? The obvious answer is recruiting more qualified people to do the job. But simply increasing our ranks isn’t going to fully resolve the problem. Security professionals need to implement a multi-pronged approach to deal with the different aspects of the ‘threats’ challenge at hand. Here are four major ways we can start better dealing with security threats today:
1. Security by design
All too often, security is an afterthought in design. Unless the product is being specifically designed for security purposes, security features are often tacked on toward the end rather than considered as a key element to the design process. Take the automotive industry, for example. The automobile was designed with the intent of offering people an option for travel that didn’t involve feeding and picking up after horses. Many early cars didn’t even have locks, as they were owned by the very wealthy who had drivers who would stay with the vehicle. Even now, connected cars are vulnerable to having their computer systems hacked into due to all of the IoT components going into them.
According to Gartner research director Ruggero Contu, when looking at IoT devices “a consistent security strategy is all but absent.” If we hope to collectively tackle the cybersecurity problem as more IoT devices coming into play, we must make security an integral part of the design process.
2. Drilling down into security in STEM
The deficit of cybersecurity professionals is something we need to start planning for now. In 2001, Dr. Judith Ramaley, assistant director of education and human resources directorate at the National Science Foundation, coined the term STEM to describe the educational emphasis that should be placed on driving Science, Technology, Engineering and Mathematics in schools. The term STEM is now commonly used in many countries with the goal of encouraging kids to take an interest in these fields in hopes of building a greater pool of trained professionals for the future.
Article Credit: HELP NET SECURITY
The post Working through the cybersecurity skills gap appeared first on Statii News.
source http://news.statii.co.uk/working-through-the-cybersecurity-skills-gap/
No comments:
Post a Comment