Paul Farrington, Director, EMEA Solution Architects at CA Veracode:
“We are pleased to see the Government continuing to invest in cybersecurity skills in the UK. With news today that cyberattacks against UK organisations are at an all-time high, the need for greater expertise will be crucial in securing the nation’s data and services. However, it is important that industry doesn’t see the cyber skills gap as the Government’s problem to solve – especially as we see security becoming an increasingly prominent part of other technology roles.
In software development, for example, in 44% of organisations, the development team are responsible for the maintenance of third-party commercial and open source components. This suggests a move in responsibility for the ongoing management of security vulnerabilities, such as the Apache Struts2 vulnerability that lead to the Equifax mega-breach. Even as we’re seeing this shift, our research has also shown that 70% of developers were not required to complete any courses focused on security when getting their degree. It is crucial that organisations invest in improving the skills of their employees to assure their security of their services and solutions. Providing eLearning can improve security standards by an average of 19%, for example. Improving the nation’s cyber hygiene is a collaborative effort, and those companies that rely solely on the Government’s investment will find themselves burnt.”
“This move from the British government shines a spotlight on the dangers of the digital underworld today. Cracking down on the dark web is the right step forward, however criminals are smart and the dark web is not the only hiding ground for them. There are many access points and techniques used by criminals to conceal their activities, including the public web, where stolen personal data and financial information can be traded. Policy will help to some extent, but the onus is on businesses and individuals to look at their practices and implement intelligent controls that can lead to identifying these illegal activities.”
“Cybersecurity is big business and as we all now know it can have huge consequences, which is why cyber criminals and governments take it so seriously. While it’s great to see cybersecurity is front of mind, the amount of investment is a bit like buying a spud gun to battle a bazooka. Much more needs to be done as businesses continue to fall short of the mark in protecting themselves, often rooted in legacy and traditional security practices that fail to fully protect them and their data. The announcement of this new cyber-innovation centre should spur businesses into reviewing their practices and cybersecurity resources, stripping away antiquated practices and making sure they are up to the challenges and the risks of today’s digital world.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.