Jeff Watkins. Image: AND Digital

Cybersecurity skills gap: Why bad security is worse than no security

21 Jun 2021

AND Digital’s Jeff Watkins discusses the dangerous cybersecurity skills gap and what should be done to tackle the problem.


With technology firmly forming the backbone of modern industry, it comes as no surprise that with such innovation comes great threat. The shift to digital has meant many organisations have had to scramble for quick-fix solutions to enable business continuity, especially since the pandemic began. What isn’t always considered though, is the increased vulnerability to cybercrime that this entails.

It’s a fact that cybersecurity is certainly not a strong point for most organisations – the skills simply aren’t there. In the UK for example, high proportions of businesses lack staff with the technical, incident response and governance skills needed to manage their cybersecurity, with the government estimating that an uncomfortable 48pc of companies have a basic skills gap.

Quantum computing will be a feasible method of attack in the near future, and the rate of technical evolution is otherwise immense: a roughly two to three-year cycle of significant change in the tech we use means companies are left exposed and ill-equipped to defend themselves and their data. On a broader level, critical infrastructure is already constantly at risk of hacking, highlighting the urgent and persistent need to invest in cyber skills – and fast.

Clearly, there’s much work to be done not only when it comes to fortifying tech systems against vulnerability, but also in equipping teams with the skills they need to operate and detect threats as they occur. The real threat, arguably, is for businesses with security patches that simply are not up to scratch – the false sense of security can lead to complacency and let threats creep in under the radar.

Cybercrime on the rise

The accelerated shift to digital industry we’re currently experiencing fuelled by Covid-19 has been applauded, but it definitely comes with risks. Such a rapid switch to home working and learning has brought with it a deluge of cyberattacks, security vulnerabilities and a rise in ransomware attacks involving exfiltrated data being leaked.

Arguably, the number of incidents was already increasing steadily pre-pandemic; however, many organisations had to pivot to remote working without time to consider the security implications. As a result, cybercrime is growing exponentially.

Opting for quick-fix applications was a necessity but, as time rolls on, it is crucial DevOps teams are focusing on fortifying their infrastructure and networks to mitigate against the spiralling risks. Concerningly, opportunists are seizing their moment to expose vulnerabilities in schools, colleges and universities.

With this in mind, leaders must seriously consider the implications of dispersed users by protecting and centralising their networks where possible.

Bad to worse

Bad security is in many ways worse than no security. This false sense of safety can lead to complacency and, in turn, huge holes for hackers to infiltrate. Inevitably, this can have devastating effects.

For publicly funded organisations especially, lack of budget and appropriate training could be the main blockers to secure digital transformation.

Aside from budgetary constraints, the increase in remote devices and miscommunication of policy can lead to flawed security. All staff must be operating on secure networks, investment in training and best practice can no longer be left by the wayside, and responsibility for secure working can no longer rest solely on the IT department.

A zero-trust approach – that is, treating all devices as untrusted – should be adopted as standard. The dispersed workforce means businesses can’t rely on 100pc secure communication channels, and BYOD (bring your own device) adds its own layer of complexity and risk. Teams of all sizes must ensure they keep a firm eye on guidance and build it into their long-term infosec strategy.

Fundamental skills and strategy

For DevOps teams to really tackle the widespread risks and keep pace with the increase in cyberattacks, competency in some core skillsets is a must. Security practitioners must be able to handle incident response and be literate in SIEM (security information and event management) tools and services.

Aptitude in creating automation and real-time analysis should translate into incident response plans, which in turn should be built into long-term risk management conversations. Spotting issues early and responding to them in good time can make a world of difference and could even prevent a large-scale disaster.

All businesses must prepare for any eventuality when it comes to security. Investment in training around audit and compliance, regulatory compliance, analytics and intelligence competency will mean teams have a more thorough understanding of how to proceed when a breach occurs, for example.

Alongside these basic skillsets, knowledge of intrusion detection, firewall management, application security development, mobile device management, digital forensics, and identity and access management will stand businesses in good stead to defend themselves digitally.

What’s at stake?

On a macro scale, nation states’ critical infrastructure is very much at risk of infiltration if not defended properly. The rate at which data is being generated by new technology is driving the need for high-power computers to analyse and decipher the data, and appropriate security patches will need to be advanced enough to handle this process.

Nation states must be the first in line for high-power tech, as arguably the most sensitive and critical data rests with them. Above all, matrix encryption and agility will need to be the focus for DevOps teams in the race to keep up and defend against this rapid threat generation.

It’s no longer an issue of if – but when – a breach will happen. This is why investment in skills training must take priority as we progress further into industry 4.0. Programmes aimed at existing staff are a great place to start and demonstrate commitment to upskilling and recognition of ability, which is always a good idea.

Similarly, partnerships that can educate and build software to safeguard against growing cyberthreats are a sage decision, giving employees practical on-the-ground guidance as to how best to defend against growing cyberthreats.

Remembering that people are still very much behind the wheel of all cyberthreats should motivate businesses to invest in their own people. Gifting them with the knowledge to combat advanced security threats and giving them insight into what’s at stake will undoubtedly safeguard against future threats for years to come. It’s worth the investment.

By Jeff Watkins

Jeff Watkins is the chief engineer at tech services company AND Digital. He has more than 21 years of experience in the IT industry.
