Why we are falling behind in cyber security: A look at the skill gap and the solutions ahead
The skill gap in cyber security is more damaging than we imagined it to be. Imagine a burnt-out cyber security employee, trying to do all the work of five people alone. How can you expect someone with so much workload to focus and concentrate on the tiniest of security flaws? Ultimately, it ends up defeating the purpose of the professional at work. We desperately need to address this issue and focus on erasing the skill gap as soon as possible so that we don’t find ourselves on the brink of a cyber security crisis in the coming future. This does not just mean that we need more professionals who are trained in network security, CEH training, forensic analysis and incident handling. We also need better cyber security software, techniques as well as methodologies to fight criminal hackers in a smarter way. We need to upgrade our game of defense drastically if we want to seriously curb the number of cyber threats and attacks that we face on a daily basis.
When it comes to building enough talent to provide the necessary cyber security services, we don’t just need front line workers, we also need researchers, instructors, strategists and other industry experts that can create an all-around team for a holistic cyber security posture at any organization. Not to mention that we must also focus equally on training the employees and the general public on basic cyber security education and even teach them advanced tricks and techniques to stay safe if need be. All in all, we need to take our game up a notch and do at least double of what we have already been doing if we want to win this battle.
On one hand, we need to encourage students about information security as a career and instil in them the passion for solving cyber security problems as a challenge. On the other hand, we also need to ensure that we have made world-class education accessible for anyone and everyone to help us bridge the gap. This could mean providing more people with an option for an ethical hacking course online and removing the fear and the perception of cyber security as a highly complex and technical profession from peoples’ minds. We need programs, practical events that promote cyber security as challenging and highly rewarding work.
Creating interest in individuals about this field may seem difficult, but with the right intent and practices, this is more than possible. It has been noticed that a lot of people have no idea about what cyber security or ethical hacking is. Delving in the basics, and making people aware of the countless cyber security risks we all face is a good place to begin. Bug bounty programs, hackathons, threat hunting competitions, mock incident drills are a few things that can attract youngsters to the worlds of InfoSec. We must also work to improve diversity and gender equality in this profession because currently, it is a male majoritarian field.
In-house training of IT professionals can also provide an effective solution to this problem. At the end of the day, cyber security professionals are responsible for protecting what IT professionals are creating. Hence, it makes sense to convert IT professionals into multi talented individuals with high cyber security skills.
We don’t know what the future has in store for us and what new threats will emerge in our cyber ecosystem, but we know one thing for sure and that is that we will never run out of our need for cyber security professionals. It is time that we rethink our strategies and come fully prepared to fight cybercrime from the root, starting with awareness and education at the grassroots level.