FEATURE : SOC targeting the business . Through investing in the SOC , the CIO can build reliable defences that protect corporate data and IT-infrastructure from complex threats , targeted and APT-like attacks .”
Skills in demand
Hand said in an environment fraught with growing risk , cybersecurity skills need to be addressed particularly in the current environment , when organisations are having to do more with shrinking budgets . “ The need to accelerate Digital Transformation means there have to be adequate cybersecurity skills in place to mitigate risk as they digitally transform ,” he said . “ Organisations in Africa need to look at multiple approaches to address the skills shortage . One measure would be to put security as a key topic all the way from school level through to university level . Companies could also consider introducing more short , technical cybersecurity courses , in which some basic security skills are taught without the need for advanced degrees .”
He added that industry stakeholders should also collaborate more on joint research programmes to develop Machine Learning and AI solutions that take over some of the tasks burdening cybersecurity staff today .
The required skills matrix in 2021 it is quite broad , you need great understanding of endpoints and networks , a good knowledge with tools like SIEM , SOAR , TIP , EDR , Firewalls and sandboxes , but also skills like Ethical Hacking , reverse engineering and forensics .
What helps to become a great security analyst is empathy with attackers : What information will they look for ? How will they try to attain their goals ?
Kaspersky ’ s Van den Heever added that from a skills perspective , effective SOC team members must have an inquisitive mind capable of constructing an overall picture from scattered data fragments ; the ability to maintain a continuous focus while withstanding high stress levels and a good general knowledge of IT and cybersecurity .
“ But whether a company is looking to fill SOC roles through external recruitment or internal promotion , finding team members with the desired skills ‘ out of the box ’ is not easy . Ongoing training is therefore essential not just to fill the gaps between current and required skillsets , but to equip team members to deal with everchanging security technologies and a continuously evolving threat environment ,” he said .
To this end , added Van den Heever , the Kaspersky Cybersecurity Training Programme features courses designed to include both theoretical classes and practical labs . “ Developed by the same security authorities who helped build the Kaspersky anti-virus labs , students are invited to validate their knowledge through an evaluation . Training courses are suitable for IT-related professionals possessing general or advanced system administration and programming skills . All courses are available either online or at customer premises as required ,” he said . p
www . intelligentcio . com INTELLIGENTCIO AFRICA 37