Pros vs. Joes: Battling The Cyber Gap
One issue that has cropped up over the last decade in the field of cybersecurity is the “cyber skill gap.” The cyber gap refers to the delta between the knowledge and abilities of cyber attackers and those of cybersecurity professionals. As cyber attackers become more sophisticated, the disparity widens, largely in part due to the scarcity and ongoing churn of skilled resources for the good guys. These impacts are being seen as SEVN-X conducts both strategic and technical assessments for customers and is the most important factor limiting the ability of organizations to effectively maintain and operate cybersecurity programs.
When looking at an organization, the first question to myself is always: Are they getting the basics right? If not, seldom else matters. Getting the basics right requires a knowledgeable team with adequate training and proper tools. Enter the cyber gap. The first two points (team with training) are the genesis for the gap between attackers and defenders that creates a juxtaposition akin to an amateur boxer stepping into the ring with Mike Tyson (well, in his prime). Oh, and before you ask, just purchasing tools and/or outsourcing your entire team won’t be enough to close the gap.
With that out of the way, and a clear understanding of the problem, how do organizations begin to tackle this imbalance? Unfortunately, it isn’t a—No Budget? No Problem—type of predicament. We understand the constant struggle for capital at smaller organizations and empathize with a ‘wish list’ style of management when it comes to funding cyber initiatives. We’ll offer what we can in the way of practical advice, but the reality is, sometimes it just comes down to dollars.
Top-Down Corrections
Strategically, there needs to be emphasis, budget, and time allocated to closing this gap. This includes hiring and training dedicated security folks. At a minimum your organization should have a strategic security officer (CISO, Director of Security, etc.) to guide the organization and ensure that leading best practices are being adopted and implemented. While policies don’t prevent hacks, they can reduce the likelihood of avoidable security missteps that often lead to compromises.
Bottom-Up Corrections
For the organization: With cybersecurity being a continuous process, it requires a proactive approach. Cyber threats are constantly evolving, and it is essential to stay updated on the latest threats and vulnerabilities. Many cybersecurity breaches happen due to human error, such as weak passwords, poor security practices, or lack of awareness. Therefore, continue to educate, train, and obtain security certifications for yourself and your employees to better identify breakdowns and gaps in cybersecurity best practices.
For your security team: Your security staff needs a firm understanding of the infrastructure they are protecting as well as security best practices, vulnerability identification, remediation and mitigation techniques, and the list goes on. Here’s a quick hack when searching for junior security staff. We like to look for “the tinkers” those that love their job so much they do it when they’re not at work. When interviewing potential candidates, ask about their hobbies, and find someone that participates in community activities like hack-the-box challenges and other CTFs.
Technology Corrections
Investing in cybersecurity hardware, software and services also helps you protect your devices and networks. There are many cybersecurity tools available in the market, such as antivirus software, firewalls, intrusion detection systems, and VPNs. These tools can help you organize, detect, and prevent cyber-attacks, along with providing you with real-time alerts and notifications.
Engaging qualified Cybersecurity professionals can also help you develop a comprehensive cybersecurity plan for your business. External cybersecurity professionals can conduct independent security assessments through the eyes of an attacker (e.g., penetration testing), identify vulnerabilities, and recommend solutions to mitigate risks. They can also help you develop policies and procedures to guide your organization security program and be compliant with relevant cybersecurity regulations.
In conclusion, the cyber gap is a real threat that could impact you in several ways. However, by taking proactive steps to improve your cybersecurity and thinking more broadly about where to find the skills or enable the people who want the skills, you can protect yourself and your business from cyber-attacks. Stay informed, invest in cybersecurity staff, training, and tools. For additional support and resources, work with cybersecurity professionals to develop a comprehensive cybersecurity plan. Remember that cybersecurity is a continuous process, and it requires a proactive approach that never stops. If you have any questions, we’re always here for you.
