“We are drowning in information while starving for wisdom.” – E.O. Wilson
We in IT are often guilty of conflating information with wisdom. As I like to think of it, information is the micro-lesson we learn from every hack or data breach, and wisdom is the life lesson we carry with us long after it happens. In IT, as in many sectors, our collective wisdom is what keeps us safe. It takes us from “Maybe I shouldn’t open this suspicious email,” to “I should report suspicious emails to my company.”
According to Hackmageddon.com, 53% of all attacks in 2018 involved account hijacking, malware and point-of-sale (PoS) malware. In most of these malicious scenarios, end users are the primary target, but companies pay the price.
Research from IBM and the Ponemon Institute shows that since 2013 there has been a 29% increase in the cost of data breaches. Unfortunately, while companies are spending vastly more on the effects of malicious attacks, few are taking sufficient steps to properly safeguard their data, and breaches are becoming exponentially more sophisticated.
The Wild West of Cybersecurity
As companies struggle to move from information to wisdom, hackers are busy doing the opposite: they are gleaning more information about the inner workings of companies and using the vulnerabilities they find to more precisely target employees and improve their own malicious protocols.
From pre-baked threats, like compromised firmware, to credential harvesting by way of socially engineered phishing attacks, we truly are experiencing the Wild West of cybersecurity threats. Hackers now operate in teams, offering hacking as a service (HaaS) and preying on ill-informed individuals and fractured hierarchies within companies to carry out their reconnaissance. Getting cybersecurity professionals to work as a team is the best plan to combat this.
How to Build a Cyber-Safe Mindset
How does one build a cybersecurity team today, when so much is changing so rapidly? Understanding the team’s vulnerabilities and weaknesses is a good starting point, as is being able to look.
Does the team have a strong foundation?
What can be improved?
It’s important to honestly evaluate strengths and weaknesses before putting a plan into place. I believe that getting into the mindset of a hacker is particularly useful.
Here are some major security considerations you might contemplate:
- How do the different technologies in my company work with each other?
- Where are the gaps/interstices/connections?
- What are the implications of the traffic I see?
- How does the cloud interface with the rest of our network?
Two Sides of Cybersecurity
Simulations can go a long way toward keeping cybersecurity teams ahead of existing and potential threats. Using the designations of red team and blue team can be helpful for adopting the mindset of adversaries.
The red team, which includes penetration testers and vulnerability managers, can regularly look for new ways to exploit the defenses of the blue team, or security analysts. When weak areas are found, the whole team can adjust course as necessary.
The Right Skills for Cybersecurity Teams
Team members should all feel confident that they possess the skills needed to arm themselves against existing and potential threats.
The following skills make up the best cybersecurity teams:
- Security analytics and the ability to respond to incidents
- Penetration testing and vulnerability management
- Networking and cloud skills to build resilient infrastructures
- Linux and fluency with open source tools
- Identity and access management across a range of endpoints
- Implementation of encryption for data in transit and at rest
- Understanding technical risk and how it impacts the organization
- Adaptability and a desire to learn
- Problem solving and keeping calm under pressure
- Communication and the ability to work well in teams
From this list, I can confidently say that the last item, communication and teamwork – perhaps softest, but is the hardest to measure – is chief among them in importance. If someone can communicate competently and demonstrate strong teamwork, there’s nothing they can’t learn.
Building Stronger Cybersecurity Teams
We recognize that companies, often having more jobs than people to fill them, need a solution to the cyber skills crisis. Hiring managers need a way to increase diversity in the cyber workforce, while upskilling team members who are right for the roles but need the technical skills and confidence to carry out their day-to-day tasks. With those considerations in mind, we built CompTIA Cyber Ready.
CompTIA Cyber Ready is a six month cybersecurity training program that allows IT professionals who have some experience to take the next step and become fully qualified for cybersecurity roles with the CompTIA Security+ and CompTIA Cybersecurity Analyst (CySA+) certifications.
CompTIA Cyber Ready follows a flipped classroom approach, meaning students do much of the learning on their own, with guidance from a mentor, before coming together for discussion and reinforcement.
This approach ensures that graduates have the specific skills needed for cybersecurity roles. They are armed with new skills and are more attractive to employers as qualified, trusted professionals who understand how their technical and soft skills can minimize cybersecurity risk.
Staying Ahead of the Next Big Cyberattack
Predicting the next big cyberattack is extremely difficult. It’s not a task one person can undertake. Our collective wisdom keeps us safe, and that’s where we play a role in helping companies build cybersecurity workforces.
The threat landscape is evolving every second of every day. Cybersecurity never sleeps, and being armed with the right tools and mindset to stay ahead of adversaries is critical in any business.
Information isn’t enough. We must turn that information into something meaningful that can keep us safe, prevent needless spending on the effects of attacks and future-proof our skills. Organizations need to make the shift from IT information to IT wisdom.