FEATURE : CYBER SECURITY - STAFF & RECRUITMENT

This disconnect , along with rapidly evolving regulatory requirements and networking technology , further widens the cyber security skills gap . Matters don ’ t get easier if you throw Internet of Things ( IoT ) into the mix . As the IoT gains more traction , the lack of basic security standards in IoT devices will exacerbate the security skills gap . This is set to have a compounded impact as customers embrace Internet of Everything ( IoE ) which represents an unprecedented opportunity to connect people , processes , data and things .

While IoE will create new operating models that drive both efficiency and value , it may also become one of the world ’ s most challenging cybersecurity threats . The reason being , customers and businesses will have to bring together IT and operational technology , giving adversaries new targets such as vehicles , buildings , and manufacturing plants .

This blurring of IT and operational technology environments has already resulted in a 250 % spike in industrial automation and control system incidents over the past four years and according to Gartner , the number , scale and sophistication of operational technology attacks will continue to increase , putting connected industrial systems , building control systems , and energy systems at risk . Mitigating advanced persistent threats in OT environments requires people who can bridge IT and OT . Unfortunately , people who can bridge the gap between IT and OT are in extremely short supply .

WITH SO MANY HIGH- PROFILE , HIGH-COST BREACHES , BUSINESS LEADERS ARE BEGINNING TO TAKE NOTICE . EXECUTIVE MANAGEMENT AND BOARDS OF DIRECTORS ARE NOW RECOGNISING THAT CYBER SECURITY IS NOT JUST A TECH PROBLEM . IT ’ S A BUSINESS PROBLEM .

Important insights that can help businesses mitigate the cyber security talent shortage :

Cyber security requires cyber strategies : Too many companies today have underperforming security programs because of a failure to define and execute holistic cybersecurity strategies . The lack of a cohesive , enterprise-wide cyber security strategy , one that is based on policy , typically results in improvised security solutions that leave in-house security teams playing whack-a-mole . Internal security teams spend 63 % of their time on security-related tasks , leaving them little time to drive strategic security initiatives .

Security organisations need data scientists with business acumen : With so many high-profile , high-cost breaches , business leaders are beginning to take notice . Executive management and boards of directors are now recognising that cyber security is not just a tech problem . It ’ s a business problem . As security discussions move to the boardroom , CISOs and their teams need data science skills to analyse cyber security data and business skills to manage trust ( company reputation ) and risk ( costs ). The conversation has

migrated from one of red , yellow , and green vulnerability status checks to financial conversations in which security risk is measured in dollars and cents .

The cyber-talent skills gap will drive enterprises to managed security services : Most organisations are struggling to solidify a cyber security vision supported by an effective strategy that uses new technologies , simplifies their architecture and operations , and strengthens their security team . This is pushing companies to bolster in-house cyber security expertise with professional security services . Using security partners

32 INTELLIGENTCIO www . intelligentcio . com