For the record, it should be acknowledged from the start that there is no question that the cybersecurity landscape has improved over time, mostly courtesy of persistent increases in cyber spending year after year. Gartner According to estimates, the U.S. will spend $172 billion on cybersecurity in 2017, up from $150 billion last yea, and it is expected that this figure will continue rising steadily.
This has led to security analytics. Security analytics uses data collection, analysis, and aggregation capabilities to detect and reduce cyber threats. Artificial intelligence and machine-learning are gaining popularity, as well as zero trust architecture. It’s harder than ever for attackers to bust into large organizations.
However, cyber-related incidents continue to rise in most years. Cyber experts believe that many large organizations have been or will be compromised at one point. Why? The common theme is that malware actors are constantly improving and evolving. While corporations do their best to stay on top of the situation, one mistake can open up cybercriminals’ doors.
Yet, there is another major reason as well – and one that gets far less attention.
Many companies still suffer from serious security deficiencies. They include sub-par cybersecurity training, inadequate incident response plans and the temptation to overbuy security tools, often resulting in them undercutting one another. There is also an increasing number of cyber-job openings. now numbering 715,000 in the U.S. alone, clearly aren’t being addressed sufficiently, according to a report by market research firm, Lightcast.
Can these problems be solved? These solutions are possible, but will need to be looked at carefully. Let’s look at some examples to help you close those gaps.
The hiring process for cybersecurity jobs needs to be improved
In addition to the lack of qualified cyber workers, many companies make hiring mistakes, creating difficulties in recruitment. All the unfilled vacancies don’t simply make it harder for businesses to keep networks secure. These vacancies also impact cybersecurity teams that are expected to manage all aspects of network security but only have a small number of people. Burnout is a result and more people leave the field altogether.
The problem lies in the fact that many employees are unable to follow rigid guidelines. As with most jobs, cybersecurity job advertisements require applicants to have experience as well as qualifications. Articles in ZDNet, Protocol, and elsewhere point out, it’s not uncommon for human resource departments to be too stringent given the scarcity of cybersecurity professionals. A number of these candidates are proficient – even without formal qualifications – and yet, many get passed over for job openings.
This is why many cybersecurity certification authorities need at least five years’ experience. For many high-ranking security jobs, these certifications will be required. Even candidates who have degrees in cybersecurity or computer science can be turned down if they do not possess a specific certification.
Cyber training is mediocre
When they first get hired, employees are usually given a couple of days’ security awareness training. After that, they receive some refresher training once a year. This isn’t enough. After a while, many employees lose some of the information they have learned. However, cybersecurity is changing constantly so all employees should be trained. The Advanced Computing Systems Association It is recommended that cybersecurity trainings be held every 4 to 6 months by companies, using interactive videos and examples.
It’s important to note that the knowledge and sophistication of employees trained varies widely, often undermining effectiveness. Studies have found that employee attitudes can influence the likelihood of an individual being compromised. One study found that respondents who identified themselves as “Type A” personalities didn’t believe they were at increased risk of reusing passwords, a risky endeavor. Their own proactivity was sufficient, they believed.
Many employees are not sufficiently informed about cybersecurity because of the incompetent leadership and management. a higher priority on other things, For example, acquiring new technology that will drive productivity increases.
Programs for sub-Par Incidence Response
Incident Response Plans can be used to quickly respond to organizational breaches. They are intended to reduce reputational damage and customer distrust. Resilience is essential for organizations. It is clear that companies tend to focus more on cybersecurity prevention than remediation. a study by IBM Security and Ponemon Institute found that 74 percent of security and IT pros surveyed in 11 global markets didn’t feel it was necessary to adopt IRPs consistently across their organizations – or at all.
What can businesses do to deal with serious cybersecurity problems? Their security staff is the most reliable source of help. In order to mitigate any breach, it is important that more people are committed in keeping abreast with the latest cyber threats. You need to have a certain mindset and behavior.
It sounds great to build a supply of security equipment, but it isn’t always. A study by Ponemon Institute Organizations use more than 45 of these tools on average. The ability to identify an attack and the speed at which they can respond to it was ranked lower for organizations using over 50. Problem: These tools often conflict with and undercut each other.
It is common for solutions to not be fully integrated. This is why cyber employees often jump from one console to the next. In addition, more security tools mean more alerts – often false – to manage. Complexity can be described as a hidden cost.
Chief Information Security Officers, CISOs believe that even greater cybersecurity investments are needed
CISOs play a crucial role in advocating for cybersecurity investments, and more than half of them believe their boards still don’t provide ample investments to mitigate cybersecurity risks, according to a survey by CensuswideThe CISO London is an international market research firm. CISOs believe that not all boards can discuss cybersecurity in the wake of a breach.
This problem is being caused by CISOs. Communication with the board should be more fluid. The board of directors is not made up entirely of experts in cyber security. They need to avoid using jargon. To make their points, they must avoid using doubt, fear, and uncertainty. Their top priority should be to make sure that their company’s health remains the main concern.
The key elements of an organization’s infrastructure must be considered by corporate leaders. These include making sure there is a secure network and that users have access to it. Also, double checking that software and hardware are up-to-date. Security vulnerabilities can be detected sooner than they appear.
The most important thing is that leaders create an environment around security. It’s important that they understand how their executives are currently approaching cybersecurity and what changes might be needed. It is important that they prioritize improving things and look at what other changes might be necessary. These steps help deliver growth through digital trust and builds both employee pride and an organization’s reputation with customers.
About the AuthorRobert Ackerman Jr. founded and is managing director for AllegisCyber Capital. This early-stage, cybersecurity venture capital firm is located in Silicon Valley. DataTribe, an early-stage seed-foundry that invests with young data scientists and cybersecurity companies, is co-founded by Ackerman Jr.
Bob has been recognized as a Fortune 100 cybersecurity executive and also as one of “Cybersecurity’s Money Men.” Previously, as an entrepreneur, Bob was the president and CEO of UniSoft Systems, a leading UNIX systems house, and founder and chairman of InfoGear Technology Corp, a pioneer in the original integration of web and telephony technology.
Editor’s Note: Tripwire, Inc. does not endorse the views expressed in this guest writer article.