VARs partnering on technological security skills gap but social skills gap proving harder to fix

Value-added resellers (VARs) across Australia and New Zealand are struggling to obtain adequate security skills, according to recent findings from industry organisation CompTIA, and most are looking to other firms to plug those holes rather than trying to hire staff themselves.

CompTIA, which runs regular community meetings for channel solutions providers across ANZ, surveyed attendees and found that fully 86 percent said they were suffering from a security skills gap.

Cloud security was by far the most important security skill to their businesses, named by 63 percent of respondents, while mobility (50 percent), backup/disaster recovery (45 percent) email (45 percent), education (45 percent), identity and access management (43 percent) and risk management (40 percent) were all seen as crucial skills.

Despite strong agreement around the skills the channel businesses needed, attending organisations had broadly given up on hiring their own security specialists, with 81 percent saying they were going to partner with other firms to minimise their IT security skills gap.

Yet while many of these perceived weaknesses related to technological skills, many within CompTIA's channel community were particularly concerned about issues whose remediation lay outside of the IT department – such as the ongoing role of human factors as a vector for security breaches.

“Security in the past was addressed by technology,” director for channel dynamics Moheb Moses told CSO Australia, “and partners are very good at designing technologies to block threats out. But the problem now is not technological: it is answering questions like 'how do I educate my organisation not to put passwords on yellow Post-It notes?'.

This issue is not just something we talk to IT about, but something we may need to talk with HR about.” Employees' poor password protection remains a bugbear for businesses of all sizes, with one recent study suggesting that 27 percent of US office workers would sell their business systems password to an outsider for amounts as low as $US100.

These passwords, along with a range of other information that is readily and routinely shared by many employees on social media, were empowering even small hacker groups to launch targeted attacks that had proven so highly effective, particularly against Australian targets, that many attackers were launching fewer but more focused attacks targeting CEOs for extortion and aiming to exploit weaknesses in company procurement processes.

Social media had proven to be a particular weakness in this respect, since employees were still regularly posting information on their social-media sites that is informing cybercriminals' targeted attacks.

“The proliferation of social media platforms continues to provide an extremely effective way of duping someone into releasing sensitive information or cracking login credentials,” Moses said, noting that the addition of big-data analytics platforms could take the problem to a new level by automating evaluation of the strength of social-media relationships.

“If you have some kind of big-data platform that can analyse connections, relationships, time and place and geography, you just have to think about it in a point-to-point direction and it will capture these relationships,” Moses explained.

“This would be a very logical step by someone who was serious about very targeted attacks.” No amount of security technology or internal capabilities can fight these types of attacks since they largely rely on publicly available information that employees choose to post online.

But reining in this behaviour, participants at the ISACA events agreed, can be extremely difficult even in a company that has strict guidelines about what employees should and shouldn't put on social media. “It's possible that someone may post something unwittingly through their social-media account that amy release information that the organisation may now want released,” Moses explained.

Read more: How responsible are employees for data breaches and how do you stop them?

“They may say things about the organisation and not realise it is a security breach – but this is a reflection of the cultural attitude towards privacy.”

Join the CSO newsletter!

Error: Please check your email address.

Tags Identity And Access Management (IAM)VARsrisk managementtargeted atatcksIT Securitysensitive informationAustralian targetslogin authenticationemailhacker groupsmobilitycomptiaweak linksExtortionbackup dataskills gapsocial media sitescyber criminalsdisaster recoveryeducationcloud security

More about CompTIACSOISACA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place