The cyber security skills your business needs
The threat landscape is constantly evolving, so it's important your staff are equipped with the right tools
Becoming cyber resilient is doubtless one of the most important things a business can do to remain competitive in today’s landscape and becoming cyber secure is a goal all businesses should aim to achieve. The industry’s leaders are often quick to tell organisations that implementing a cyber security strategy is relatively simple - it’s about getting the basics right. This also comes with myriad vendors trying to market their countless solutions that claim to solve all the problems out there in the wild. It’s a difficult situation to navigate, despite it seemingly being a simple case of implementing the fundamentals, and it requires the right people with the necessary cyber security skills to block out the noise and help guide a business to safety.
The cost of a cyber attack is also rising, if the security vendors’ reports are to be believed. Ransomware is still the prevailing threat but cyber criminals have numerous methods to profit from a business’ misfortune, and they’ll stop at nothing to break into anything that can net them a reward.
In reality, cyber security is difficult and that difficulty grows as the business itself becomes bigger. When new technologies are introduced, these need to be locked down and secured in different ways. This requires genuine expertise. It’s also no secret that employees are often the main determiner of whether attempted cyber attacks become successful. It’s of paramount importance that a business has skilled security professionals that know how to defend against an ever-growing attack landscape and mitigate all vulnerabilities that could bring a business to its knees. Often, one of the first thoughts is to spend money on a product or service that claims to fix all the issues but perhaps the best way to start thinking about security is to start thinking like the hackers themselves.
The cyber security skills your business needs: Ethical hacking
There’s arguably no better way of closing the gaps in your business’ defences than hiring someone who can think like the criminals that want to break through. An ethical hacker’s job is to essentially assume the role of an offensive hacker and probe a business’ IT estate for vulnerabilities and attack paths so these can be fixed or otherwise mitigated. Sometimes known as ‘white hats’ in the industry, the skill set of an ethical hacker can prove invaluable to organisations. The value to be had is not just in spotting security issues; the deep understanding of computer systems required to do the job can help when building new products like apps, for example, and they can be built securely from the outset.
The are different ways ethical hackers can be deployed within a business and one of the most popular services they can provide is penetration testing, an adjacent but related part of cyber security. The difference is that a penetration tester often solely focuses on the technical side of things, looking for weaknesses in the IT systems themselves as described above.
An EDR buyer's guide
How to pick the best endpoint detection and response solution for your business
Free DownloadEthical hackers can also be given a much wider remit - a license to break in by any means necessary. This can involve conducting genuine phishing attempts against staff to see if the organisation’s access management rules are up to scratch and implementing effective multi-factor authentication (MFA) products if necessary. It can also involve testing the physical security of the office itself. Ethical hackers are sometimes hired by CEOs or CISOs directly, not telling anyone else in the company they exist or what they plan to do. Sometimes they will try and break into the building to see how easy it would be for an attacker to trespass and install malware on a server via a USB stick, for example.
Having the mind of a bad guy working for the business can be immensely valuable and help prevent some embarrassing cyber security incidents from impacting the business and its customers.
The cyber security skills your business needs: Network security
It’s not only external threats that you have to worry about when it comes to cyber security. Don’t forget about internal threats which can damage your organisation, no matter if they’re malicious or accidental. To prevent any kind of loss of data, you’ll need to ensure you have good network security. Potential candidates for this role should also be able to implement the correct controls or policies on your network.
Other policies you’ll need in your security toolkit could be network access control, which includes restricting what users or a device can do when connected to the network, as well as restricting what kinds of devices can access the network. Anyone who works outside of HR, for example, shouldn’t be able to access HR files, while those who work in the finance department are the only ones who should be able to access those files.
Administrators will be pleased to know that there are plenty of tools to choose from to help them adopt these policies. This includes firewalls, VPNs (virtual private networks), or even the fancy new machine learning algorithms which can identify when a device or user is acting strangely and automatically cut it off from the network. Machine learning is also being deployed in firewalls to make web application firewall (WAF) tools. WAFs help to create an extra barrier to prevent hackers from targeting your apps, although they aren’t intelligent enough yet to determine whether users are humans or machines.
Software can also be deployed to divide servers into micro-segments, which can halt the spread of infection throughout the network.
The cyber security skills your business needs: Cloud security
These days, virtually all organisations use the cloud to some degree. This means that organisations need to secure data and applications using the cloud in addition to securing their own on-premise infrastructure.
There is, however, a shortage of cybersecurity professionals with expertise in the cloud. Nearly a third (29%) of businesses claim to have a shortage of cloud security skills, according to 2017's ISSA/ESG survey.
The responsibility for ensuring the security of data and apps in the cloud is with an organisation, and not with the company that provides the cloud service. As organisations move from dealing with on-premise threats to cloud-based threats, they need professionals with cloud security skills.
Among the cloud security threats is poor identity management, as hackers may mask themselves as legitimate users in order to access, modify and delete data.
Another cloud security issue is poorly-secured cloud apps. Most apps and cloud services use APIs to communicate and transfer data. This means the security of the API directly affects a cloud service's security. The chance of a data breach increases when third parties are granted access to APIs.
Institutions such as SANS and CSA offer cloud security certifications for professionals to increase their skill sets in this area.
The cyber security skills your business needs: Risk management
An EDR buyer's guide
How to pick the best endpoint detection and response solution for your business
Free DownloadThe base skill any cyber security specialist should have is an understanding of risk management - knowing how best to respond if and when the company is hit by a threat. Good risk management is always built on solid strategies and procedures for dealing with security events. Despite this, insurance broker Marsh reported that business leaders are not prioritising risk management as part of their wider IT security strategies.
Such a strategy should follow three steps: prevention (how to reduce the risk of an attack), resolution (steps to follow if an attack is successful), then restitution (repairing customer trust or generally mitigating any consequences of a hack).
Since risk can't be eliminated entirely, this skill is incredibly important. Risk management helps prevent or decrease uncertainty within an organisation and improves its overall efficiency, confidence, and reputation.
The cyber security skills your business needs: Patching and software management
When an organisation stores a lot of data on-premise in its own data centres, it needs a security expert that understands the importance of regular software updates, as well as how to roll them out across the business with the least possible disruption.
Patch management is key to ensuring malicious actors are unable to attack an organisation via a disclosed vulnerability. Most software programs issue a sequence of patches after the initial release of the software, so the security expert must continually download and apply them to ensure systems remain protected. Microsoft takes this a step further, following a weekly patch release schedule for their customers.
Organisations using SaaS software will have an easier time because updates are made to the cloud directly from the vendor. Vendors also provide an audit trail, ensuring compliance needs are met. It's still important to keep an eye on any security issues within these products, though.
The cyber security skills your business needs: Big Data analysis
Analysing large amounts of data is another essential skill in cybersecurity. An example of how data analytics is a useful cyber security skill can be found when looking at advanced persistent threats (APTs).
According to the Cloud Security Alliance, advanced persistent threats (APTs) generally aim to steal intellectual property or strategic business information and are currently among the most serious security threats to organisations.
Big Data analytics is beneficial for detecting APTs as there is typically a huge amount of data to look through in order to find anything abnormal. Without it, this process would take much longer and be less likely to identify any threats.
The cyber security skills your business needs: Non-technical skills
When it comes to cybersecurity, non-technical skills are just as important as technical expertise. For instance, strong communication skills are essential for communicating a threat clearly and making sure other departments understand the importance of security. Teamwork and collaboration also play a role, as experts work in various teams to ensure the job is done effectively.
Moving away from siloed workspaces and integrating departments can generate the transparent, collaborative culture necessary to ensure ideas and issues are not lost in translation.
The cyber security skills your business needs: Governance
Governance plays a large role in cybersecurity as well. For example, if a cloud computing data breach occurs, the service provider should alert all customers of said breach - even the ones who were not impacted. The provider should then make efforts to identify and resolve any issues or vulnerabilities. Under new data protection laws, known as the General Data Protection Regulation (GDPR), organisations must inform affected users and the data protection authority within 72 hours of a breach, or face a fine of up to 2% of their annual turnover, or 10 million.
The proliferation of regulations being applied not only protects consumer privacy, but also protects business data and IT infrastructure. Compliance benefits both the organisation and any customers and partners it comes into contact with. Though, it is important to not be so focused on simply compliance that actual cyber risks are forgotten.
The cyber security skills your business needs: Automation
One solution being proposed to cover the problem of the cyber security skills gap, while also improving security in businesses overall, is the increased use of automation.
Most of this focuses on the use of machine learning and artificial intelligence (AI) to identify known and potential threats faster, while also reducing some of the false positives seen in earlier automation. This means that anything flagged as a potential issue is less likely to be a waste of human time.
AI and machine learning can identify threats by type, such as ransomware or phishing attempts, whether it's a known malware strain or not. They can also identify errant behaviour by users, for example, if a person who works 9-5 becomes active at 3am, or starts trying to access systems and data they don't normally or don't have the appropriate privileges for. This could be indicative of a successful hack or an insider threat and can be investigated by the appropriate members of the IT team.
The most modern enterprise security software offers AI and machine learning capabilities, although what you choose to adopt will depend on the skills already present in your business. If there's no one who knows how to investigate and remedy potential and actual hacks, you will need to train someone up in this area in order to use the software effectively.
This article was first published on 24/09/2019 and has since been updated
The global use of collaboration solutions in hybrid working environments
How companies manage security risks
Free DownloadHow to build a cyber-resilient business ready to innovate and thrive
Outperform your peers in your successful business outcomes
Free Download
