EDITOR’S QUESTION
many had not considered cybersecurity as a career before, but after
starting the programme, would now definitely do so. These kinds of
initiatives must be the way forward.
Cybersecurity training for IT staff
A
s our lives become increasingly digital, we are exposing
our critical infrastructure, commercial systems, citizen
data and sensitive IP to ever greater risk of attacks from
cybercriminals, hacktivists and nation state operatives.
Attackers have visibly been accelerating their agenda of pursuing ICS
targets, for example the Triton/TriSYS attacks on safety systems and
ICS therefore needs to be a particular focus for skills development.
There are also other tactics companies can deploy. While the
merits of on-the-job experience cannot be overstated, training
can be the most efficient and thorough way to rapidly ramp up
technical skills among existing IT staff. This is particularly true
when it comes to cybersecurity.
By undergoing training, not only do IT staff become more efficient
and have a better understanding of the technologies they work with
– critical when defending against cybercriminals – but they can also
become more knowledgeable in front of customers, troubleshoot
better and so on.
It is therefore absolutely vital that cybersecurity should be a key
consideration for every organisation and this includes ensuring there
is a pipeline of skilled industry professionals who can help protect
critical systems, enterprises and citizens. At the moment, this is a
major problem in the global cybersecurity sector which is suffering a
global skills shortage and it is rapidly turning into a crisis. According
to reports, the worldwide workforce is heading for a shortfall of
1.8 million cybersecurity workers by 2022 and the industry is not
attracting enough newcomers to fill the gap. Organisation-wide security awareness
Fortunately, there are answers. Long-term, the solution has to
lie with teaching appropriate digital skills in schools and also in
investing in retraining programmes to access a previously untapped
pool of talented individuals. SANS has worked with a number
of governments to deliver programmes to educate school-age
students in cybersecurity skills and is currently working with the UK
government on Cyber Discovery, a schools programme to increase
awareness and skills in cybersecurity among 14–18 year olds. So Security outsourcing
38
INTELLIGENTCIO
While security i