The Future For Cyber Security Looks Uncertain

Future For Cyber Security

From the inception of the internet, cyber security has become increasingly more important. As the internet has permeated more and more aspects of our lives, our reliance upon the security of our information has become paramount to every one of us. Yet the future of cyber security is rather uncertain, despite the gravity of its importance, and many firms are finding both knowledgeable and high quality cyber security staff increasingly difficult to find.

According to a CompTIA report entitled The Evolution of Security Skills, nearly half of the global ICT firms that were surveyed stated that they felt cyber security would become a significantly higher priority in the next 2 years. Regardless of these predictions, 34% of companies felt there was a low understanding of new threats, whilst 28% admitted to a low understanding of cyber security technology. But where is this lack of knowledge stemming from?

A study entitled, State of Cyber Security 2017, performed by ISACA (Information Systems Audit and Control Association), suggested that cyber security staff are becoming increasingly difficult to find in such a rapidly expanding and evolving field. The report was based on a survey of 633 cyber security specialists across North America and Europe, with 27% stating that they were unable to fill open cyber security positions in their businesses and another 14% unsure as to whether they would ever fill those positions.

cyber security has become increasingly more important

Given the sheer amount of sensitive data that many companies hold about us, it is shocking to see the problems that are arising in cyber security at the moment – trends that are unlikely to change course any time soon.

CIO Magazine (from IDG) recently expressed concern that the “good enough” trend that permeates our culture in an editorial piece, and how it is seeping slowing into how we look at cyber security, stating openly that: “I’d go so far as to say the single greatest cyber threat to organizations today is the “good enough” standard that’s being sold by key players within the cyber security industry.

CIO Magazine are particularly concerned about the use of “vulnerability scans”, that have been used for many years in cyber security and detect out of date patches and software. However, the problem lies in the fact that 90% of Vulnerabilities are not known or detected by using this type of software.

Mike D. Kail, Chief Innovation Officer of CybricOne third of firms consider insider threats to be the security issue they worry about most, according to the 2017 cybersecurity Trends Report, whilst half felt that this was the most challenging form of attack to detect or prevent. Given that applications are insecure by design, and that there are often some thousands of unforeseeable vulnerabilities or misconfigurations, it would seem unwise to rely upon vulnerability scans as a main defence against cyber-security threats.

However, there are those who believe that companies are not doing enough to promote cyber security awareness and practices within their own companies. We spoke to Mike D. Kail, Chief Innovation Officer of Cybric, who believes that the onus should be on executives to find solutions to these problems rather than simply complain:

The constant conversation around the lack of cybersecurity talent and the increasing skill shortages isn’t helping. CIOs and CISOs need to start providing overall security awareness training and talk about the ‘why’ instead of the ‘how’, which is a shift from a control-driven function to one with greater context. Confidence in cybersecurity will only be increased by taking a data-driven approach and making security testing a continuous process (strategy) instead of a periodic process (tactical).

This sort of strategy was proposed in the The Evolution of Security Skills report, which recommended training courses, testing, and awareness programs aimed at educating an entire workforce. There needs to be an active promotion of cyber security knowledge across the tech world, the industry needs to change itself from the inside-out. By promoting cyber security education internally, cyber security as a whole will benefit.

By Josh Hamilton

Gary Bernstein
Managing Your Internal IT Your company's internal IT team is responsible for keeping things running smoothly, and they deserve all the support you can give them. Here are ten ways to make their lives easier ...
Drew Firment
Here’s How to Make Sure Your Skills are Cloud Ready This year will be a period of meteoric growth for the cloud industry. Research from Gartner suggests that global spending on public cloud services in ...
James Corbishly
Teams Sprawl in the Remote Workspace As working from home has become the new everyday norm, with more employers embracing the remote-work model as a new and likely permanent fixture of the employment world, there ...
Damian Ng
3 Cloud Modernization Challenges There’s no denying that migrating to the cloud unlocks multiple benefits for organizations looking to modernize their IT infrastructure. However, the journey to truly unlock the benefits of the cloud and ...
Tiago Ramalho
More equitable future for food distribution with AI At best, only 70% of food gets used in the United States. The rest goes to waste. Although devastating, the good news is this massive waste of ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.