According to certifications organisation (ISC)2 global IT security skills shortages have now surpassed four million. This is a challenge that has been around for a long time, and only looks like it going to get worse as protection of data becomes the primary concern for businesses of all sizes, and from all sectors.
If you look at the threats we are facing today, it is becoming increasingly clear that you can’t fight software problems with people. We know threats are coming at businesses from all sides, but the main vulnerabilities are still rooted in technology, with gaps in applications, malware, and so on causing the biggest headaches for organisations. We have to start using software to fight software problems.
That’s not to say that the human element should be ignored – far from it. Both malicious and accidental human error remain as much of a concern as they always have, and education remains a vital part of the cyber security toolkit, but many of these factors can be eradicated or dealt with in an efficient way through some of the smart solutions that are available today.
Companies need to start gaining an understanding of what’s in the market, and how Artificial Intelligence (AI), Machine Learning (ML), and user behaviour analytics, to name a few, are all adding to the landscape to ensure that organisations and their data are being kept safe. Unfortunately, most businesses are still using protection mechanisms that are years out of date, and the reality today is vastly different – and evolving rapidly.
For example, fingerprinting or hash-tagging documents to prevent them from leaving the organisation ignores the reality that today, most documents are created off the network. This makes it clear that companies have to start re-looking their data protection strategies.
When it comes to prevention, we are stuck doing the things we’ve always done because it’s comfortable, and because it’s better than doing nothing. Fortunately, there are some companies out there that are starting to realise that if they don’t do things differently, and if they are not looking at how to prevent data loss and information exploitation in different way, they are going to struggle to stay ahead of today’s threats.
The lack of skills provides an additional challenge for businesses who are still trying to control every aspect of their security strategy, and this requires another mindset shift. Companies need to stop thinking of their IT team as the go-to when it comes to data protection. There are a number of solutions available today that can be consumed as a service, and many of these offer better protection than the traditional solutions provided by most service providers. Not only do they offer better protection, they offer a much better user experience, allowing the organisation to switch services on and off as and when they need them.
This approach is particularly valuable for SMEs, who usually don’t have the resources and expertise to protect their information effectively, and yet who are a primary target for bad actors. With the digitisation and consumerisation of security through various service platforms, the business can essentially switch on a great skill when it needs it, and if it’s not happy with the results, switch it off just as easily.
Today, data is moving at the speed of light, and companies have to start using their data – and protecting it – at the same speed. Putting policies in place at the right level, and implementing those – together with having the right techniques, software and mechanisms in place – makes it much easier to prevent a breach. With security available as a service, accessing the benefits of technologies like AI and ML doesn’t require any additional investment in skills, and definitely won’t break the bank.
to connect with our expert