July 10, 2020
The global cybersecurity talent shortage was already severe, and COVID-19 has further widened the gap.
The most recent data from the National Center of Education Statistics indicates that among college graduates, only 3% earned a degree in cybersecurity and related fields. And of those grads, not all are equipped to meet the needs of businesses right away.
The onset of COVID-19 is impacting students’ abilities to meet with mentors, have hands-on experiences and successful internships. So the question is, will the global cybersecurity talent shortage continue to grow in a time where we need more cyber experts than ever before?
IronNet’s Don Closser
To find out more about the global cybersecurity talent shortage, we spoke with Don Closser, IronNet‘s chief product officer. IronNet provides collective defense and network behavioral analysis.
Channel Futures: Why have the pandemic and ensuing economic downturn accelerated the global cybersecurity talent shortage?
Don Closser: I don’t think the COVID-19 pandemic has necessarily accelerated the talent shortage; if anything, it is highlighting the reality that a number of existing security solutions are heavy hardware deployments that are not easily deployable, and are now no longer easily accessible due to remote environments. The pandemic is shifting and expanding the responsibilities of cybersecurity professionals, and in response, the industry really needs cyber talent that is able to deploy from a remote location. This has inevitably increased the demand for SaaS-based solutions. In its place, we have this new reliance on vendors to augment via professional services for deployment, which widens the gap not just for security talent, but also security tools themselves. To address this challenge, there needs to be increased visibility built in tools to help navigate through this pandemic.
CF: Is there even more of a need for cybersecurity talent because of the impact of the pandemic? If so, can you give some examples of why?
DC: The pandemic has definitely put an emphasis on the cybersecurity talent gap. The boundary has expanded, and now there is an added consideration and concern for remote work. Most companies were not prepared to support a fully remote workforce at the onset of the pandemic due to their existing infrastructure, and internal processes and procedures, or lack thereof. The way that companies have to defend infrastructure has changed drastically as we’ve shifted to VPNs to safely work remotely, posing a significant challenge as they navigate through this already difficult time.
CF: What can be done to attract more people to cybersecurity careers?
DC: Why would anyone want to do anything but cybersecurity? In all seriousness, it really comes down to the educational component. Educating the next generation on cybersecurity is paramount to attract top talent. Aside from working with universities to develop a strong curriculum, educating students as young as grade school will instill awareness and hopefully a passion at an early age. Technology has radically changed and is still constantly evolving. So we need to guide the younger generations on this path. The fact that cybersecurity is a very remote-friendly career is …
… also enticing to many job seekers.
CF: How are organizations coping with the global cybersecurity talent shortage? Is technology useful in this regard? If so, how?
DC: As the talent shortage continues to plague the cybersecurity industry, organizations are looking to vendors to bridge the gap. It is not just about detection, but also how an organization responds. Crowdsourcing is a valuable tool to use to leverage the expertise of other peer groups. And this is at the crux of our collective defense idea, that it is easier together than alone. With regard to technology, it is really three-pronged. What we need is behavioral analytics for better detection, a collective defense approach/early warning system and seamless integrations.
CF: What are examples of the real-world consequences of the cybersecurity talent shortage?
DC: The talent shortage and its consequences bring to mind Einstein’s definition of insanity. Paraphrased, you cannot do the same thing over and over and expect a different result. Every day we are seeing a major hack against an industrial organization or a new nation-state hacker targeting the election. This visible increase in attacks, breaches and data exfiltration just reinforces the fact that we can’t do this alone and need to collectively work together against such threats to build a stronger defense.
CF: Are there any positive developments that could help reduce the shortage in the months ahead?
DC: Harkening back to our idea of collective defense, it really represents the foundation of why IronNet was formed in the first place. Collective defense is a method to help us better defend in a community environment versus in isolation. This is a time where we need more cyber experts than ever before, and this concept could be one of the answers to reducing the talent gap as more students and young professionals understand that they can work smarter – not harder –when putting their heads together. In the same vein, AI and ML will continue to be a successful method for identifying potential threats, balanced with the human element for maximum efficiency and accuracy.
NetStar: Smishing on the Rise
Cybercriminals increasingly are using “smishing” to carry out fraudulent activities, including identity theft and malware distribution.
NetStar‘s partners globally protect over 1.2 billion endpoints, including mobile devices, using the company’s technologies. These partners have a vested interest in identifying smishing attacks.
NetStar works with mobile service operators, MSSPs, web application firewall vendors, gateway appliance vendors, and others.
NetStar identifies hosts’ IP addresses that source smishing attacks, as well as URLs embedded in smishing attacks. The company adds these URLs and IPs to its threat database on a continuous basis. And NetStar updates its URL and IP categorization databases accordingly.
The NetStar team can quickly help partners without …
… access to the threat database.
Steve Earnshaw is NetStar’s vice president of product management. He said smishing is a form of phishing.
NetStar’s Steve Earnshaw
“Specifically, smishing is a phishing attack carried out via an SMS message (a text) or on another messaging platform,” he said. “And like all phishing attacks, smishing uses technology and social engineering in an attempt to trick people. Many people are more trusting of a text they receive from an unknown sender than of an email received from an unknown sender, and thus more likely to fall for smishing scams.”
Criminals use smishing to trick people into sharing personal information such as login credentials or banking information. Smishing attacks are on the rise, with millions of attacks worldwide in 2019, Earnshaw said.
“Our inSITE threat intelligence solution gives our partners a list of all active internet threats, refreshed every five minutes, including URLs and IP addresses associated with smishing and phishing attacks,” he said. “Partners can also access the inSITE historical threat database. Second, partners worldwide use NetStar’s inCompass internet categorization solution. With inCompass, we categorize websites into one of over 200 categories and partners can also create custom categories. Many mobile service providers use inCompass to maintain custom smishing deny lists, including newly registered domains that are designed to look like billing or support domains associated with the operator’s brand.”
Companies must continually educate their employees about social engineering and the critical need to protect corporate intellectual assets, Earnshaw said.
“As technology evolves, some threats become more sophisticated,” he said. “Companies should engage security vendors that partner with a company solely focused on internet threat detection. The internet is too nebulous and dynamic for a multifaceted security company to optimally cover it all. Partnering with a company like NetStar adds a best-of-breed internet categorization solution to their arsenal.”
Trend Micro: Despite Security Risks, Remote Workers ‘Breaking the Rules’
Nearly three in four remote workers say they are more conscious of their organization’s cybersecurity policies since lockdown began; however, many are breaking the rules anyway due to limited understanding or resource constraints.
Trend Micro’s Head in the Clouds study polled 13,200 remote workers across 27 countries on their attitudes toward corporate cybersecurity and IT policies. The survey reveals the approach businesses take to training is critical to ensure secure practices are being followed.
The results indicate a high level of security awareness, with 85% of respondents saying they take instructions from their IT team seriously. And 81% agree cybersecurity within their organization is partly their responsibility. Additionally, 64% acknowledge that using non-work applications on a corporate device is a security risk.
However, just because most people understand …
… the risks doesn’t mean they stick to the rules:
Fifty-six percent admit to using a non-work application on a corporate device. And 66% have actually uploaded corporate data to that application.
Eighty percent confess to using their work laptop for personal browsing, and only 36% fully restrict the sites they visit.
Thirty-nine percent say they often or always access corporate data from a personal device, almost certainly breaking corporate security policy.
Eight percent admit to watching/accessing porn on their work laptop, and 7% access the dark web.
Productivity still wins out over protection for many users. A third of respondents said they don’t give much thought to whether IT sanctions the apps they use, as they just want the job done. Additionally, 29% think they can get away with using a non-work application, as the solutions their company provides are “nonsense.”
Bill Malik is Trend Micro‘s vice president of infrastructure strategies. He said there’s not much businesses can do to make employees obey the rules.
Trend Micro’s Bill Malik
“Even the best organizations observe 5-7% non-compliance with basic cyber-hygiene, like clicking on dangerous links, for instance,” he said. “It’s better to apply rules at the gateway/server to block potentially dangerous content, such as not admitting emails from domains that are less than two months old.”
An MSSP can run phishing tests and other elements of an awareness program, Milik said. But there’s a downside. If senior leadership offloads responsibility for the program, it sends the message that they are not personally committed, he said.
vArmour Unveils Latest Application Controller
vArmour, a provider of application relationship management, this week launched the latest version of its Application Controller.
The offering allows enterprises to take control of operational risk by discovering and understanding application relationships across their environment. It also maximizes the value of existing investments — the technology they already own.
Controlling operational and cyber risk is critical to enable digital transformation. This transformation is accelerating adoption of public and private clouds. Organizations need solutions to understand relationships within and between applications across any type of environments, from cloud-native to mainframe.
Application Controller provides enterprises with control of every application and every relationship across every environment.
Rich Noguera is vAmour’s vice president and head of security services.
vArmour’s Rich Noguera
“Our ability to provide enhanced visualization and show relationships for every application across any every environment is made possible through our robust partnerships/integrations with companies like VMware, NSX, Microsoft Azure, AWS, Tanium and Cisco ACI to name a few,” he said. “For the partners, this ecosystem of integration approach ensures our customers enjoy maximum visibility, simplicity and stability across every environment.”
New and richer integrations with technology platforms and providers makes it easy to understand and control risk, Noguera said. In turn, that lengthens solution life cycles, and accelerates cloud and platform migrations, he said.
“Given that only vArmour enables centralized visibility and policy governance across the enterprise, for partners like VMware, our integrations make it easier than ever to leverage the power of existing platforms and deploy new partner solutions more efficiently, which has led to repeated examples of joint wallet share increase without our joins customer’s environments,” he said.
Read more about:MSPs
About the Author(s)
You May Also Like