Submission By: Tom Gilheany
Businesses envision new markets. Governments like greater control. There are advantages for criminals, too. Cybercrime is one of the top two challenges in this vast digital transformation.
Digitalization links human beings, information, and machines. This makes it easier than ever for thieves to steal prized data. Such data includes trade secrets, network performance benchmarks, and customer behavior patterns. Personal identities, items of national security, and private medical records are also up for grabs.
The second challenge? Not enough IT professionals are trained and certified in digital security skills. The Bureau of Labor Statistics predicts that demand for cybersecurity analysts will grow 18 percent by 2024 in the United States alone.
Is Your Security Outlook Outdated?
In the digital age, security is everyone’s job, title aside. This includes you. View every facet of IT through a security lens.
Digitalization focuses on intelligence and automation software. Software-defined networking (SDN) is new digital technology. So are mobility, enhanced security, flexible access, the cloud, and virtualization. Each new technology affects the others. This interconnectedness brings up new security concerns. You must understand today’s security requirements to set up cloud and enhanced access.
Threats today are dynamic, evolving, and showing up from anywhere and everywhere. Set-it-and-forget-it security won’t work any longer. Online criminals use sophisticated technology and tactics. They keep trying to hack into networks and steal data. They have surpassed security professionals’ ability to protect the growing amount of data across a rising number of systems and users.
A recently published study was conducted by the Center for Strategic and International Studies (CSIS). The survey polled 775 IT decision makers at organizations in eight nations. An astounding 82 percent reported a shortage of cybersecurity skills.
This situation has a huge impact on any organization’s security capability, including yours. It shows up in the dearth of talent in critical roles. It pushes costs up to retain talent. It makes it impossible for you and your security team to keep up with changing threats.
Other factors add to the problem. First, the security landscape is even more complex. A typical enterprise has between 30 and 40 different security vendors in its network. Each part of this patchwork must be updated independently. This hikes the chances for an attacker to hit the weak spots in this piecemeal defense.
Second, cyberattacks are evolving. They occur now courtesy of cybercrime organizations and government-sponsored interests. IoT provides new and unforeseen ways to access systems and information by connecting more and different types of devices.
Today more than 10 billion connected devices run 77 billion applications. By 2020, there will be more than 50 billion connected devices and more than 500 billion a decade later. That is a huge growth potential for organizations and criminals, too. They can use IoT to take control of devices for ransom as well as stealing data outright.
Security Skills for the Digital Generation
You can improve this situation. Your organization can defend against digitalization’s new security challenges. But you must invest in your people to do so.
You need IT security professionals who can identify malicious acts. They should see the connections between different activities. And they should be able to separate false from true positives to classify events quickly.
Advanced security teams include digital security operations specialists. These specialists watch over IT security systems. They detect cyberattacks. They gather and analyze evidence. They compare information and coordinate responses. They can tell if an intrusion or security-related event has happened or is taking place.
They also analyze telemetry data from various feeds used to assemble logs into related chains of events. They sort out relevant chatter taking place during a security event. Digital security operations specialists’ skills improve security teams. They are another defense against new threats.
Training for Digital Security Talent
As cybercriminals diversify their methods, federated security teams become more popular. That’s because attacks and threats now come from outside and inside the organization.
You need skilled engineers to design thorough detection mechanisms. You also need analysts and investigators to comb through all information sources for that needle in the haystack.
As widespread digitalization’s security changes become clear to you, so should your organization’s course of action. Hiring and training the next generation of security talent is the next step. You must invest in resources and the right training. You must do so to develop networking professionals whose advanced skills enable you to avoid the far higher costs of successful cyberattacks. Think of training as a form of insurance.
Yesterday's Approach Won't Work
The knowledge and security techniques you used before the digital era no longer are enough. Network-connected devices generate a huge amount of data every 24 hours. Each day, a new mountain of data gold is ever more enticing to steal. This valuable data is often sensitive, proprietary, or confidential. You and your organization must do everything possible to safeguard data. IoT adds a new layer of risk by making it possible to hijack controls remotely.
While thieves reap big rewards for stealing data, others pay a price that is going up fast. IBM and the Ponemon Institute looked at 350 companies in 11 countries in 2015. They found that the average consolidated total cost of a data breach is $3.8 million, up 23 percent in just two years.
Data breach costs are going up for two reasons. Thieves are better able to steal—or ransom—much more valuable information assets. New, tougher regulatory penalties place additional burdens on IT systems.
Only professionals with advanced skills can keep your organization’s data, networks, and machines safe. Or securely connect your organization’s networks, devices, and people.
More than ever, you need properly trained and certified professionals to keep your IT infrastructure safe and to negate ever more nefarious cybersecurity threats.
Click here to learn more about how Cisco's CCNA Cyber Ops certification can help you get the skills you need.
Tom Gilheany is Cisco’s Product Manager for Security Training and Certifications. He has a diverse background in startups through multinational Fortune 100 companies. Combining over 20 years of product management and technical marketing positions, and more than a dozen years in IT and Operations, he has conducted nearly 50 product launches in emerging technologies, cybersecurity, and telecommunications. Tom is a Certified Information Systems Security Professional (CISSP), holds an MBA, and is an active board member of the Silicon Valley Product Management Association and Product Camp Silicon Valley.