The demand for skilled cyber security professionals is stronger than it has ever been. Cyber criminals see no geographic borders and have the capabilities and tools needed to target people, organizations, and systems anywhere in the world. The modern cyber environment leaves all companies, countries, and systems vulnerable to attack.
So how do organizations find and arm staff to face this highly-capable and elusive ‘Dark Side’ when there aren’t yet enough Jedi heroes to go around?
One of the speedier options some organizations find feasible is procuring external support as part of, or as an addendum to, an existing SaaS provision. This solution could quickly bring a degree of policy implementation, basic monitoring, and incident response to a small or incomplete security organization, but may not ensure the intense, thorough defense and monitoring required to stop a breach before it can cause severe damage.
If external support is not feasible or sufficient, building a high-performing internal security team is by far the most effective defense that an organization can implement. Security team members can be sourced from various talent pools, including new graduates, existing IT staff, and technology-savvy professionals seeking a career change. Depending on operational needs, drafting talent from these pools is most successful when an organization utilizes pre-employment aptitude and skills-testing, along with proper training and certification for professionals once they are on the job.
“Cyber threats could impact businesses in a significant number of ways. A successful attack could undermine a company’s reputation and tarnish its brand. Cyber criminals could steal money from businesses by tricking their CFO and other employees into giving over control of their financial accounts. For companies that produce products, serious vulnerabilities could result in lost market share or even a recall. And, most worrisome, attacks against critical infrastructure including electricity, water distribution, manufacturing and more could result in physical injuries to people, and possibly even loss of life. The stakes are high,” says industry expert Ed Skoudis, a faculty fellow of the SANS Institute.
Cyber security talent pools
Students in Asia are growing increasingly aware of the opportunities available in computer science and cyber security, and are pursuing these fields more often. Those looking to their futures are considering careers in computing across the board, for a number of reasons including the perceived financial rewards the sector offers.
Of course, computing is a very broad spectrum and may not lead all students to the critical, specialized fields of penetration testing, digital forensics, or cyber defense. Developing the next generation of VR games may be a more enticing career to some, but the rise in public awareness of cyber security breaches is directing more technically-proficient professionals to the area of IT security specialization.
Existing IT staff may have the most applicable and ready skills to make the transition to a security role, but that transition does not happen overnight. Effective security operations require practitioners with hands-on practice and a deep understanding of the vulnerabilities that hackers target. Firewalls and staff vigilance are good, but the type of pro-active approach needed to protect an organization from cyber threats requires specialist knowledge and real-world skill.
Also, assigning cyber security responsibilities to internal IT departments carries serious risks if proper planning and training are not carried out. A CTO, employed for his or her business acumen and strategic vision, may not have the depth of knowledge required to face down the very latest threats. Appointing a new CISO could be the answer, but proper funding of the new department for tools and training will matter as much as his or her qualifications.
Of course, all areas of business require “specialist knowledge”. But what decision makers in the enterprise need to realize is that criminal users of technology (so-called “black-hats”) are clever. Very clever, and fast. They possess as much experience and confidence as many security leaders, or more, and will not hesitate when presented with an opportunity to access unsecured data.
As an example, when an exploit in an operating system becomes apparent, that knowledge doesn’t usually disseminate into the larger public consciousness until the exploit is used on a massive scale to make criminal gains. Unfortunately, the “public consciousness” includes the consciousness of 99 percent of IT specialists. But one thing is certain: the cyber criminal is looking specifically for that exploit, and almost any vulnerability can become known to a hacker very quickly.
Nick Klein, an Australian Digital Forensics Expert and SANS Certified Instructor, says, “Training and management support are the silver bullets. A well-trained staff member will understand how an attack looks, what tools and techniques attackers use, how to find evidence of attacks across their systems & networks and what tools and techniques will help them. When management train such staff and give them the time and support to perform this critical work, the company will be well on the way to improving their security to meet the cyber challenges of today.”
Prevent security incidents by investing in your Jedis:
- Ensure IT management are aware of the depth of knowledge required by their teams with regard to IT security.
- Employ, or train, so-called “white-hats”. With the absolute latest in skills and techniques, these are the people who will assess, survey, test and implement the necessary defences.
- Educate HR managers to recognize the ways in which employees can be personally compromised, and how IT teams deal with cyber security issues in general (such as in software development activities).
- Make all staff conscious of cyber-hygiene.
Across the Asia Pacific region, specialist companies capable of supplying what is necessary are starting to appear. What differentiates these companies from most IT suppliers is that they are not renting cloud storage, pushing AV deployment systems, selling Exchange hosting, or any of a host of more common services.
Rather, these suppliers have developed the skills necessary to equip knowledgeable professionals with the techniques, attitudes, and approaches needed to counteract what is a hugely profitable enterprise: cyber crime.
The bottom line for all organizations: it’s not if a data breach happens, it’s when that breach will take place, and what the effects might be.
While no provision offers 100 percent certainty, the common phrase “know thy enemy” is perhaps the best proactive threat mitigation advice for any organization that values its data.
With these thoughts in mind, the SANS Institute is the most trusted provider of cyber-security training operating in the Asia Pacific region and beyond.
The SANS Institute was founded in 1989 as a research and educational organization, and now offers more than 55 information security courses in topics including incident response, penetration testing, security essentials, cyber defense, secure development, management, and industrial control systems security. More than 30,000 professionals take SANS training each year, including beginners, advanced technicians, and C-level managers.
In addition to training and certification, SANS also offers two graduate degree programs, skill assessment testing, security awareness training, and many free resources including webcasts, weekly newsletters, white papers, and more.
SANS has offices in the United States and in both APAC and EMEA regions and offers its training live in classrooms around the world and online. All SANS courses are taught by real-world practitioners who go through rigorous testing and preparation before leading a SANS course.
SANS clients are government organizations and enterprises of all sizes, including all of Fortune Magazine’s Top 100 companies. SANS’ diverse set of offerings supports a broad approach to cyber security which helps organizations build highly effective security operations via comprehensive, long-term training plans.
For example, SANS NetWars is a suite of interactive learning scenarios that enable information security professionals to develop and master the real-world, in-depth skills they need to excel in their field. In SANS’s award-winning courses, attendees consistently rate its hands-on exercises as the most valuable part of the course. With SANS NetWars, participants learn in a cyber range while working through various challenge levels with a focus on mastering the skills which information security professionals use in their jobs each day.