Aftershocks from the Cambridge Analytica data breach are still being felt around the world. While global scandals like these spring to mind when people think of ‘hacking’, the fact remains that cybercriminals pose a risk to all online users and businesses, regardless of geography.
Globally, the average time to detect a breach has improved in recent years, to 99 days on average, according to Marsh and McLennan. The APAC region trails further behind, with the same study finding that the typical time between an attacker compromising a secure network and a breach being detected amounts to 172 days.
Australian businesses should be aiming to detect a breach within 24 hours, not close to 6 months! Faster detection ensures that the damage to internal systems is minimised and that all relevant stakeholders are alerted to a breach in real time, ensuring greater transparency and trust in security processes.
In light of this, the cybersecurity focus should shift from preventing attacks to reducing the amount of time attackers can actually spend within an organisation’s environment.
This may seem like a frightening security strategy for IT decision-makers, but it is one that acknowledges today’s reality. It is about proactive detection, appropriate response times, and ensuring an organisation has the right skills and expertise in place to identify anomalies before they become obvious. In other words, Active Defence.
Attracting talent requires more than just money
It’s a challenging time to attract cybersecurity experts as the demand for tech skills intensifies across Australia. Given the highly skilled nature of the current and future workforce, demand for ICT workers is set to grow by almost 100,000 to 758,700 workers, says the Australian Computer Society’s (ACS) Digital Pulse 2018 report. In order to remain competitive in the global economy and be seen as a digital leader, Australia will need to double this talent forecast.
Conversely, with fewer than 5,000 domestic ICT graduates a year, the only way we will meet these skills targets is by continuing to import labour from overseas, unless education and training outcomes in this area improve at a local level. The lack of Australian ICT graduates is exacerbated by significant drop-out rates and by a number of cybersecurity education programs failing to properly integrate the theoretical and practical skills necessary to prepare students for today’s challenging cyber workforce.
While salary is an important factor in attracting skilled tech talent, organisations cannot rely on high wages alone to attract and retain digital experts. New research from IT recruiters Halcyon Knights highlights that, at least within the APAC technology sectors, there is no correlation between high wages and job satisfaction. Considering that 44% of technology employees already earn over $120,000, it is clear that organisations need to offer non-financial incentives like flexible work-from-home days, professional development and training, scheduled passion project time, flexible leave and opportunities to experiment within roles, to attract more skilled cybersecurity staff.
Stop looking behind to get ahead
With a large and widening skills gap, it is becoming increasingly difficult for organisations to adequately resource and scale their incident response times without placing extra pressure on their already time-poor IT teams. Gartner’s 2018 cybersecurity report emphasises that skills challenges continue to plague organisations that undergo digital transformation, with a shortage of skilled security staff listed as a top inhibitor of innovation.
But whilst businesses continue to look in the rearview mirror, focusing on past breaches and trying to find the right people to patch past problems, cybercriminals are finding new vulnerabilities to exploit.
Cybercriminals require very little to launch major attacks on organisations and leave extensive damage in their wake. Fixing a security breach is only the first step; the other is identifying anomalies that may otherwise appear to be normal activity. This requires specific skills and expertise: your teams need to act like white hats whilst thinking like cybercriminals.
Despite recent regulatory measures taken by the federal government to encourage data security best practice, the fight to stay ahead of cyber-attacks is an ongoing battle. It is wishful thinking that A/NZ organisations will ever be able to get ahead of cybersecurity risks when cybercriminals are constantly experimenting with new avenues and technologies. Instead, the focus must shift to investing in the right skill sets that will help to minimise these risks, and to ensuring that the right processes and procedures are in place. While there are significant costs involved in preparing strategies like these, cyber-attacks are inevitable, and the cost of doing nothing is far greater.
The right people make the difference
When it comes to cybersecurity, many businesses feel that they have one of two options: either up-skill their current workforce or outsource the problem.
It is no longer enough for cybersecurity teams to sit idly by waiting to be alerted to breaches. An active defence strategy involves skilled and proactive monitoring, which ultimately requires the right technical expertise. Experience in identifying weaknesses across the network or strange anomalies that could signal a possible attack is critical, as is a level of expertise that understands the hacker’s mindset.
While today’s cybersecurity landscape may at times seem daunting, there is always hope. Creating strategic partnerships with technology providers, offering non-financial incentives to attract talented employees, and advanced knowledge sharing across industries will allow Australian businesses to bridge this skills gap.