News on Cybersecurity
Article by Ruth Shoham (Chief Executive for Strategy and Partnerships, Israeli National Cyber Directorate) & Yosi Aviram(Director, Cyber Cooperation, Israeli National Cyber Directorate)
Source: weforum.org
Cybercrime's attack surface has increased because of the switch to home working.
There is a growing gap in skilled cybersecurity practitioners – hence a need for more training.
The COVID-19 pandemic has affected our lives across the board. The unemployment rate in many countries has crossed into the double digits, and economies have been badly hit due to the health restrictions imposed on travel and business. And people are using the virtual world – to confer, to do business, to study, and to socialize – on a scale never seen before.
People’s homes have been modified to accommodate remote working, with no apparent reinforcement of their private communication infrastructures; some using their own private devices and others, end-point devices provided by their employers for home use.
From a cybersecurity perspective, the leap in the use of the internet has presented cyber-attackers with a bigger-than-ever attack surface. New applications have been developed in a rush, some without adequate security measures. According to a report from cloud technology firm Datto, ransomware is still the number one threat; such attacks have increased both in number and in sophistication. The cybersecurity challenge, troubling enough prior to the pandemic, has only become bigger and wider.
Another point of concern is the growing gap in skilled cybersecurity professionals. According to a Kaspersky survey, 73% of businesses find it very difficult to hire IT security personnel. The High-Tech Human Capital Report by Israel’s Start-up Nation Central shows a rise of 16% in high-tech recruitments between 2018 and 2019, while the Burning Glass tech report on "the fastest-growing cybersecurity skills on-demand" estimates growth of 164% in cybersecurity application development jobs available. The State of Cyber Security Hiring Report finds that while IT job postings have risen by 30% since 2013, the number of cybersecurity posts has risen by 94% and take longer to fill. It is estimated that the global gap in cybersecurity professionals will rise to about 3.5 million in the coming three years.
With high-tech wages growing by 27% in relation to a 15% average, no wonder that cybersecurity professionals' salaries are 16% higher than IT jobs, and governments and industry are struggling to recruit them. It seems that the usual recruitment methods won’t suffice, and we need to expand our scope and look for other populations to fill the gap.
In trying to revive damaged economies, governments are pouring money into initiating public works and by supporting citizens and businesses with allowances. But fewer governments are investing in cyber-professional courses and capacity-building – which could benefit society not only by closing the cybersecurity gap but also in bridging the social gap.
It is high time governments boarded the “cyber-train”, meaning investing in hands-on training and capacity-building. Such investment has many invaluable benefits: Converting the unemployed to become cybersecurity practitioners will help in bridging the employment gap and assist in our security posture against cyber-attacks. Moreover, such an investment will have a positive and significant impact on economies, both by preventing damage caused by cyberattacks, but also by contributing indirectly to the economy. As the salaries of IT employees are relatively high, the return on investment would be much quicker. One must also not forget the social benefits of reducing inequality and fulfilling the WEF vision of the Great Reset.
The information technology domain is intensely dynamic. Attack patterns are being developed all the time, hence it is imperative that best practices are updated frequently. The industry innovates at a pace government cannot keep up with. The key to a successful training program is to take into account these variables, study the gaps, and adjust the syllabus according to current needs and to the advancements in the tactics and procedures. A solution that will bring together representatives of the high-tech industry, governments, and NGOs.
Bringing all relevant players to the table and understanding the needs of the market is something that governments and NGOs everywhere could work towards. The vision of establishing a joint working group of governments and industry to define basic cyber-professions and the minimal syllabus requirements is something that could bolster collective cybersecurity for us all.
Aventis provide a 6 Month Part-Time Graduate Diploma in Digital Forensics.
Upon graduating you will receive an academic qualification and an accredited certification from EC-Council: Computer Hacking Forensic Investigator. This is catered to working professionals where you can improve your technical capabilities of IT.
This program allows you to be more familiar with the risk involved in the industry and be prepared with a solution to resolve. You will be learning the latest investigative and forensic techniques available to trace and track digital evidence using high tech tools for investigation and gain a better understanding of the legal and ethical framework using practical case studies and analysis. More information can be found here.
Next available intake will be on 19 Dec 2020.