The Cyber Security Talent Shortage and What CEOs Should Be Aware Of
By David Bridges, President of CompuVision
The global marketplace went digital decades ago, ensuring that doing business online became a prerequisite for being in business at all. Companies underwent a fundamental shift in outlook as soon as boundaries imposed by geographic location were rendered powerless by the infinite potential offered by the Internet. The future arrived fast, and businesses had to act accordingly; the ability to adapt became more important than ever before, and those that did not read the moment correctly were destined to fail in this emerging market.
The overall cost of data breaches in 2019 was predicted to be $2.1 trillion globally, which is a staggering four times the amount of damage inflicted in 2015. This data points toward lack of knowledge, skill and, most importantly, the lack of a workforce capable to stem the rising challenges that being always online brings to the table.
Recent inquiry by the Identity Theft Resource Center took special care to showcase the impact a damaged relationship can have on the very possibility of continuing to provide service to jaded customers in the future. No amount of damage control can repair a fundamentally broken relationship. It is essential that any organization has the cyber security tools, and the talent, to prevent these breaches and maintain privacy and integrity.
A veteran IT company such as IBM has tried to curb the talent shortage by creating a new type of worker, the “new collar” cybersecurity employees. Recognizing that no degree can replace proper analytical skill and a passion for problem solving, they moved towards the jobs of tomorrow and of today, positions heavily reliant on lifelong learning. The question this approach answers is: why wait? Recruiters’ jobs are to recognize a predisposition for risk assessment and develop an impromptu curriculum that runs simultaneously with workplace tasks. Nothing discourages the prospective intruders more than knowing that the other side may be ready for them.
While the need for continuous education of the workforce cannot be stressed enough, what about the knowledge of a CEO? Running a successful tech company is a business, after all – and one does not need to be a cybersecurity expert to obtain market success. However, knowing what it’s like in the trenches, where new procedures are developed to counter risks that the present and future bring is no longer desirable: it’s necessary. Risk management became a key factor when steering a company forward, and developing a plan runs in parallel with the ability to constantly (self)improve. The knowledge obtained this way forms an invaluable database from which we can identify – and define – potential liabilities and the advantages that can be gained should they be successfully countered.
Key Points to Take into Account when Improving the Cyber Security of Your Business
- Receive a third party audit to obtain a fresh perspective on your daily operations.
- Utilize machine learning to apply an AI-based antivirus software.
- Train your staff, then train them again – because awareness can never be raised high enough.
- Realize that backup is never a waste of time; lack of it can lead to a colossal loss.
- Gear up for disaster by recognizing the procedural errors that lead up to it – prevent the blackmail from ransomware groups.
When cyber security talent can’t be found in-house, having a third party provider to augment the staff skillset is a favorable choice. Audits that find weaknesses and troubleshoot legacy systems for potential vulnerabilities can help a CEO sleep more soundly at night. This is done through smart integration of the latest technologies into a company’s daily schedule. By looking inward, you’ll likely find you already have a savvy team who can help, or quickly learn how, to adapt to using new technologies. However, this insight does not come easily, as we’re often blindsided by routine and as a result, it’s not easy to pull off a paradigm shift.
Therefore it’s always useful to take a step back from what you’ve been closely working on and get an extra set of eyes to review your work and your team; they’ll likely be able to see vulnerabilities more quickly, and can create long-term changes in order to better utilize the talent and technology presented before them. Starting a conversation with the third party team is the first and the most crucial step to take – open debate will act as a much needed analysis of a business’ mindset, but more importantly, it will define any conflicting agendas and outline the true purpose of the current moment. Future steps are only made possible after the present issues are properly charted out.
Software is often viewed primarily as a risk-prone digital property – something that needs to be protected. This is a great disservice to its potential, since the advancements in AI and the concurrent development of sophisticated antivirus programs created an opportunity for a company to have a line of defense that is tailor-made to its purpose. A generalized security procedure will cover only the most common types of malware, remaining wide open to those designed so as to remain inconspicuous; machine learning has made sure that this, too is kept in mind of the defenders’ system.
Attack can be the best defensive play you have, and in the recent years, software giants such as Microsoft have introduced AI-driven malware analysis to their customer base. Advanced tech protection can not only recognize early signs of a virus taking hold, but can be a deterrent to the dreaded zero-day exploits, worst nightmare of any system administrator. These advancements in software design mean that the program can independently look for an infection pattern, and set the necessary procedures in place, even creating new ones as the need arises. This way malware is not only quarantined – it’s trapped in a classroom where it can be used as an educational tool from which the computer can predict future threat forms.
Upholding the daily routine can serve to instill value within employees, now sharing a common goal regardless of their work description. The drills that can be put in place are not aimed at general public; they represent the inner workings of a company, something that will be sensed by customers, no matter how successful its marketing campaigns are. It need not be equated with strict discipline that puts a burden on creativity, but with a measured weight of responsibility that everyone can share together.
The need – the necessity – of backup is the advice given when it’s already too late. It’s the maxim most people learn the hard way, and many are doomed to repeat it. First and foremost, it is the healthiest form of paranoia available in the digital space; assuring that each part of the plan is compartmentalized in secure segments that can be reverted to in case something goes wrong. It is a monumental time saver that many companies that went out of business did not have time to do. It can be done on physical media, it can put your data on the cloud, and it’s best to use every option on offer. Most importantly, backup is a state of mind that will be a cushion when our best-laid plans go wrong; and they will, and often.
Understanding how prone a business is to these threats mirrors the CEO’s cyber awareness. Realizing how a disaster may strike means not only anticipating the route it takes, but also taking steps that will minimize the damage potential. Ransomware usually goes for a company’s intellectual property, encrypting it and setting up a deletion date – unless a cryptocurrency fee is paid. For a business that did not protect its files in advance, where no backup procedure has been implemented in time, this may well be the only choice. It is a failure that ties together each previously discussed aspect of digital security: lack of fresh perspective, running of dated apps and drills, and a CEO’s unwillingness to lead by example.
Preventing a compound fracture that breaks down your company structure means being in tune with its daily operations, and having faith in the capability of its departments to work in sync; each day, another aspect of entropy may be prevented. Software is exact, but humans are fallible; there is nothing as beneficial to a more secure future as improving upon an earnest mistake.
Cyber Security Talent Shortage
Cyber Security Talent Shortage
The Last Word By Adam Hofmann, VP of Marketing, Singularity University Are you excited about the future of Canadian technology? If you’re not, then you haven’t been paying attention. We are on the verge of what is shaping up to be a pretty cool boom in technology and I’m so grateful to be on the journey
We are the Outsiders …with a fresh perspective When we speak about “technology” today, it’s completely different than the technology from only decades ago. As a result, there are so many technological advances that often have implications that we do not realize until years later. We have witnessed how social media plays a role in
Power to the People George Stroumboulopoulos on punk, politics, and people By Breanna Mroczek If you’ve consumed any Canadian media over the past twenty years, then George Stroumboulopoulos is a familiar name and voice. Currently the host of the The Strombo Show on CBC Radio, Stroumboulopoulos spins “algorithm-free” tunes on Sunday evenings, many by artists
Sign of the Times How Technology Shapes Our Perceptions By Cara Bedford The online world used to be a novelty just a couple of decades ago, when you could still hear old guards grumbling about all the newbies posting unsolicited opinions on Usenet. It was a time of clear delineation, and milestones could still be
Disruption From Above Why, and how, drones are the next big thing for business. By David Daly The last ten years have had an unprecedented explosion of life-changing inventions. Technologically advanced platforms such as smartphones and the Internet of Things linked humans in ways unimaginable just twenty years ago. Never before have people had such
Fake News Why deepfakes might become the next big weapon in a digital society By Breanna Mroczek If you’re one of the 7 million people who have watched the YouTube video “Bill Hader channels Tom Cruise,” then you already have a passing familiarity with deepfakes. In the video, actor Bill Hader seemingly, and seamlessly, transforms
What’s in Your Water? FRED can Tell You By Lisa Sadach In 2014, what became known as the “Flint Water Crisis” began when cost-cutting measures led to a change in water source for Flint, Michigan. This change resulted in thousands of homes and businesses across the city having lead-contaminated water pumping through their faucets. As
Risky Business Why every industry can benefit from risk-informed decision making In September 2019, The Risk Management Society (RIMS) Canada Conference was held in Edmonton, Alberta and brought together speakers from across North America to discuss a variety of risk-related topics. At Disruption we love risk-taskers, so we talked to the President of RIMS, Gloria