No one can predict when the next cyber breach will happen – so it’s all about pre-emptive strategy. But you can only build defences if you understand the threat. And, even on this initial front, most UK organisations are vastly outmatched. The resources cyber criminals can deploy are totally disproportionate to those that companies can utilise. And they only need to succeed once to breach. Those at the leading edge have moved from reactively responding to incidents to proactively using analytics and AI to predict attacks and head them off before they start.
Part of the problem is a lack of home-grown I.T skills. Although we have talent in Tech City and in similar hubs, cyber security specialists are a very different breed. It’s all about developing talent through training. Hammond’s announcement of extra funding was a welcome commitment but could be too late for some companies. However, training takes time that some businesses just don’t have so this is why we’re seeing increasing demand for highly-trained interims who can hit the ground running. The constant reports of cyber terrorism, even during the US election, means cyber is front and centre of boards and is the number one risk for CEOs. Cyber interims who can articulate what it means in business terms, shape a set of solutions and roll their sleeves up to deliver them will be in most demand.
As if the skills challenge wasn’t serious enough, the UK is also losing its best cyber-warriors to foreign competition. Many of Britain’s best professionals are being drawn to more tempting salaries and ambitious prospects in Silicon Valley. Since the Brexit vote, Berlin and Paris are vying for our talent. Unless we can turn that around, we’ll be feeling the effects of this security brain drain for years – just when the threats are mounting. In a world where a business can be attacked virtually and prevented from operating from the other side of the world, the private sector needs to work much more closely with government agencies. Or as a nation we could find ourselves unable to defend against a constantly evolving and unknown enemy.
[su_box title=”About Paul Wright” style=”noise” box_color=”#336588″][short_info id=’100300′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.