Not one day into 2019 and the year’s first data breach was reported by the Victoria Premier’s Department in Australia, and a couple of days letter a truck load of high-profile German politicians and other individuals found their personal data had been leaked on Twitter. Seven days into the New Year and I have no doubt cyber security professionals are already exhausted at the prospect of what the next 53 weeks of 2019 holds.
Cyber security is frequently referred to as a ‘cat and mouse’ game and while it’s certainly true that the white hats frequently struggle to keep up with the innovation of black hats, the way that we’ve traditionally attempted to has left a lot to be desired. There’s no doubt that technology has come a very long way in supporting security professionals on the ever-growing battle-ground, but machines are only half the battle. People are the rest.
That fact is unlikely to come as much of a shock to most people. There’s enough talk about the dire skills gap in cyber security and the need to recruit more people into the industry, but it goes further than that. The way that we teach cyber skills hasn’t been updated in years. Every six months or so, the security team gets shipped off to London or another city to sit in a lecture theatre for days, listening to a trainer explain the ‘latest’ threats and how to combat them. The problem with this is two-fold. Firstly, it’s not a particularly engaging way to learn – akin to in one ear and out the other. Secondly, by the time these skills have been taught, cyber criminals have moved on to their next thing and the lesson is out of date. It’s really no wonder we can’t keep up.
On top of this, cyber security teams are bombarded by information on a daily basis. In the last few years, threat intelligence tools have become a key component of enterprise security strategies and, while they provide invaluable insight into the latest attacks, security teams often don’t know how to deal with the information they’re given. This is leaving a gaping hole in most businesses’ defences, one that can’t be plugged by more security tools.
Corporates are beginning to recognise that a drastic re-think is needed, and intelligent security tools need to be combined with real-time learning in order to have any hope of keeping on top of the barrage of new threats emerging. There’s no doubt that there are some incredible security tools available and threat intelligence has fundamentally changed organisation’s approach to security, but this technology is only as good as the people using it.
So. what’s the answer? As Goldman Sachs’s CISO has put it “continuous training programmes are critical to meeting evolving cyber security threats”, organisations need to move away from sporadic training to ensuring skills are kept up to date day-to-day in a way that will engage security teams. It’s important that general skills are kept up-to-date, but teams also need to know how to deal with emerging threats as well. This means taking threat intelligence data and making in actionable, running sessions as the information becomes available to ensure there are no knowledge gaps.
YOU MAY ALSO LIKE
We’re on the right path to make it more and more difficult for cyber criminals to have their way. As more organisations realise the value of continuous training and skills development, they will quickly find a drastic improvement in their defences. Bringing people and technology closer together will be the answer to fighting the cyber security battle.