By Rakesh Kharwal
The business success of enterprises operating in today’s digital age has been daunted by cyberattacks. While so far in 2019 we have seen a calm in nefarious online activities, businesses can never afford to be complacent. All industry experts agree that online threats exist even in siloed environments and most organisations get attacked when they least anticipate it. This fact is only made more critical when we consider a dearth of well-trained cybersecurity experts, ready to ward off any impending threats.
Owing to their far-reaching impact on businesses, let’s figure out how modern companies can transform their in-house cybersecurity training to develop a resilient incident response team, armed with the best skills and strategies to ward off any looming cyberattack.
The need for cybersecurity experts
There is a great demand for seasoned cybersecurity professionals. While in their bid to attract the top talent, the companies are offering stellar packages. And yet, it is still a struggle for them to fill up vacant positions. As per ISACA, 60% of enterprises have unfilled cybersecurity positions in the organization and 54% of organizations take at least three months to fill open positions. India alone is in dire need of 1 million cybersecurity professionals.
The lack of skilled professionals is only making matters more complicated for the existing talent. As per a study by Help Net Security, 85% of SOC (Security Operations Centre) professionals believe that they are understaffed and 70% say that the skills deficit has resulted in an increased workload on existing employees, leading to higher attrition rates within the sector.
With the workforce under severe pressure, the present-day companies are unable to achieve the aspirational efficiencies and optimisations. A study by Techtarget confirms the same, claiming that 50% of the existing security tools are not utilised due to lack of skills. The growing amount and complexity of security tools and their specific integration to the entire cybersecurity architecture are some of the biggest challenges for business leaders.
A new paradigm in cybersecurity training
The industry has been trying to recover from the current dearth of expert cybersecurity professionals. In order to fill the training gaps, companies are now opting complete utilization of cybersecurity frameworks, industry certifications, OEM’s Product Certifications or baptism by Fire – which essentially is learning on the job. However, such traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. With cyber threats getting sharper and more nuanced, IT training needs to move beyond theoretical sessions.
A paradigm shift in the discipline is needed to help the companies make significant headways. The perfect analogy would be of training pilots; they endure hours of flight simulator training to prepare for any type of threat, including inclement weather or an emergency scenario.
While theoretical knowledge is essential for understanding the basics of how networks, operating systems, and security tools work, without practical understanding and hands-on experience, a security analyst will be slow to detect a breach, investigate, and remediate it. Industry pundits and research bodies like SANS, ISSA, and ISACA seem to unanimously agree that there is sizeable room for improvements in the cybersecurity skills of practising individuals. In fact, cybersecurity is essentially a skill that only improves with practice. The more incidents one responds to, the more effective one becomes.
Simulation platform to resolve the skill deficit
A simulation platform solves multi-dimensional IT security challenges for present-day organisations. Instead of letting the security team brace challenges for the first time on the job, it provides them with initial encounters to help them be prepared. This approach yields dramatic results vis-à-vis their performances. The outcomes, however, are governed by the ability of an information security officer to run a real-life simulation, trainees’ access to security tools within a dynamic environment, and exposure to multiple scenarios for enhancing the decision-making capability of a trainee.
A definitive simulation platform would provide organisations with:
1. Test-bed for potential products.
2. Training environment for new products that dramatically improve an individual’s performance and his/her adeptness in using these tools.
3. Training environment for the team to improve communication and teamwork.
4. Means for simulating and training the entire organization on the breach playbook and the related business dilemmas, including potential business executive decisions. This enables the Information Security team to brainstorm and decide in real-time during various scenarios like ransomware attacks, where executives must collectively decide either to pay, negotiate, or mitigate.
5. Breeding grounds for the organisations to assess and onboard new recruits and develop individual skills.
In a nutshell, simulation-based training will become an inseparable part of IT security training, certification, and qualification, quite in the same fashion as our pilots are trained. In addition to resolving the challenges of limited security tools, the paradigm shift will enable enterprises in having a new generation of cyber defenders who are better equipped to face unique challenges and modern security threats head on with grace.
(The author is the Managing Director- India/South Asia & ASEAN, Cyberbit)