3 security skills every IT team needs
Plugging the lack of security talent gap needs thought and education
There is a lack of security expertise and this could affect how able your organisation is in securing vital infrastructure. According to a whitepaper published by Kaspersky, a third of businesses worldwide see improving specialist security expertise as one of the Top 3 drivers of IT security investment. Approximately half of businesses admit there is a talent shortage and growing demand for specialists.
For more reasons to boost your cybersecurity talent, check out Kaspersky's free report 'Lack of security talent, an unexpected threat to Corporate Cybersafety'
.my-newsletter-btn{ font-family: Droid Sans; background: #0064af; display: inline-block; color: #fff !important; font-size: 14px; padding: 4px 16px; text-decoration: none;}.my-newsletter-btn:hover{ background: #0b2644;}
The report also found that organisations that admit a certain insecurity in attracting new talent, end up paying from US$1.2 to $1.47 million. In comparison, large businesses that feel confident about their IT Security team development, pay anywhere from US$100K to 500K to recover from a single breach.
Organisations need a well-trained workforce to make sure defences are adequate; so what are the three security skills that every IT team needs?
Breach response
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
On your network, you need to be aware of any possible intruders and should a breach occur, you need to be able to respond to it.
While a network intrusion detection system (NIDS) can flag up illicit or anomalous behaviour by passively monitor network traffic, should a breach occur, you need the experience and knowledge to deal with it. That means devising an effective framework to deal with such attacks.
Your team need the wherewithal to update the framework when network components change or new threats emerge. The framework should give IT teams a process for dealing with the breach and what follows. This means you should know what data recovery plans are in place as well as any legal procedures to follow and which partners/customers to inform.
Hiring by hiring new talent has a direct impact on the damage caused from real cybersecurity breaches. In March-April 2016 Kaspersky conducted a Corporate IT Security Risks survey and found that significant amount of the recovery costs is due to additional staff wages - US$14K on average for SMBs, $126K for enterprises with companies spending more on hiring external experts and paying overtime for their own team.
Penetration testing
Another skill need by IT teams is penetration testing. This is a great way of finding problems with the infrastructure and fixing them before hackers can take advantage of them. It involves carrying out manual or automated processes to access servers, applications, networks, and user's devices, to see if a break-in could happen. With this testing, an IT team can produce a report for auditors as proof of compliance.
This report will also serve as a list of flaws that can be prioritised and fixed. Finding flaws can save time and money by preventing downtime and costs associated with security breaches.
Penetration testing should be carried out on an ongoing basis as an organisation's infrastructure is in a constant state of change.
Security engineering and analysis
Building in security from the get go is important. Making things secure now saves money in the long run. That means designing infrastructure that protects data, information and users in the correct way.
A good security analyst can carry out integration and testing, operation and maintenance of systems security. They should have a deep understanding of all the business systems in the company and know what data an organisation just cannot lose.
Threat data from various sources can be brought together and context understood and insights drawn and implemented from this information. An analyst should also be able to communicate the security position to the rest of the organisation to have buy-in from relevant stakeholders and executives. Information security analysts need strong oral and written communication skills.
According to Sergey Novikov, Deputy Director, Global Research and Analysis Team at Kaspersky (you can find more of his work in the whitepaper here), a security researcher learns something new every day, while doing their best to analyze new advanced threats.
"Understanding the real scope of threats and at the same time being able to communicate the needs of IT security to top management is very, very difficult," he says.
Further essential reading for IT teams - Kaspersky's free download 'Lack of security talent, an unexpected threat to Corporate Cybersafety'
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.