The Future For Cyber Security Looks Uncertain

Future For Cyber Security

From the inception of the internet, cyber security has become increasingly more important. As the internet has permeated more and more aspects of our lives, our reliance upon the security of our information has become paramount to every one of us. Yet the future of cyber security is rather uncertain, despite the gravity of its importance, and many firms are finding both knowledgeable and high quality cyber security staff increasingly difficult to find.

According to a CompTIA report entitled The Evolution of Security Skills, nearly half of the global ICT firms that were surveyed stated that they felt cyber security would become a significantly higher priority in the next 2 years. Regardless of these predictions, 34% of companies felt there was a low understanding of new threats, whilst 28% admitted to a low understanding of cyber security technology. But where is this lack of knowledge stemming from?

A study entitled, State of Cyber Security 2017, performed by ISACA (Information Systems Audit and Control Association), suggested that cyber security staff are becoming increasingly difficult to find in such a rapidly expanding and evolving field. The report was based on a survey of 633 cyber security specialists across North America and Europe, with 27% stating that they were unable to fill open cyber security positions in their businesses and another 14% unsure as to whether they would ever fill those positions.

cyber security has become increasingly more important

Given the sheer amount of sensitive data that many companies hold about us, it is shocking to see the problems that are arising in cyber security at the moment – trends that are unlikely to change course any time soon.

CIO Magazine (from IDG) recently expressed concern that the “good enough” trend that permeates our culture in an editorial piece, and how it is seeping slowing into how we look at cyber security, stating openly that: “I’d go so far as to say the single greatest cyber threat to organizations today is the “good enough” standard that’s being sold by key players within the cyber security industry.

CIO Magazine are particularly concerned about the use of “vulnerability scans”, that have been used for many years in cyber security and detect out of date patches and software. However, the problem lies in the fact that 90% of Vulnerabilities are not known or detected by using this type of software.

Mike D. Kail, Chief Innovation Officer of CybricOne third of firms consider insider threats to be the security issue they worry about most, according to the 2017 cybersecurity Trends Report, whilst half felt that this was the most challenging form of attack to detect or prevent. Given that applications are insecure by design, and that there are often some thousands of unforeseeable vulnerabilities or misconfigurations, it would seem unwise to rely upon vulnerability scans as a main defence against cyber-security threats.

However, there are those who believe that companies are not doing enough to promote cyber security awareness and practices within their own companies. We spoke to Mike D. Kail, Chief Innovation Officer of Cybric, who believes that the onus should be on executives to find solutions to these problems rather than simply complain:

The constant conversation around the lack of cybersecurity talent and the increasing skill shortages isn’t helping. CIOs and CISOs need to start providing overall security awareness training and talk about the ‘why’ instead of the ‘how’, which is a shift from a control-driven function to one with greater context. Confidence in cybersecurity will only be increased by taking a data-driven approach and making security testing a continuous process (strategy) instead of a periodic process (tactical).

This sort of strategy was proposed in the The Evolution of Security Skills report, which recommended training courses, testing, and awareness programs aimed at educating an entire workforce. There needs to be an active promotion of cyber security knowledge across the tech world, the industry needs to change itself from the inside-out. By promoting cyber security education internally, cyber security as a whole will benefit.

By Josh Hamilton

Alex Dean
Enabling Privacy and Personalization Most businesses today rely on data collected online to better understand their customers and deliver more personalized products, services and experiences. These insights can be transformative for an organization, especially when ...
Gary Bernstein
Using Data to Gain Advantages Data collection is now omnipresent in every sector of the global economy. Several aspects of modern economic activity would not be possible without it, just as it would not be ...
Dinesh Varadharajan
The Future with Automation Many entrepreneurs believe digital technologies will transform the way their companies work. By 2022, the worldwide hyper-automation technology market is expected to be worth $596.6 billion. And by 2055, almost half ...
Brian Rue
What’s Holding DevOps Back And How Developers and Businesses Can Vault Forward to Improve and Succeed Developers spend a lot of valuable time – sometimes after being woken up in the middle of the night ...
Yuliya Melnik
Heroku or AWS Cloud infrastructures are gradually starting to penetrate into an increasing number of areas and various businesses. And this is not surprising because such a ploy allows you to improve internal processes, protect ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.