As hackers become more sophisticated, and attacks more frequent, it’s no longer a matter of if your organization becomes a target, but when. That reality has forced many organizations to reassess how they address security efforts, and how best to allocate scarce resources toward mitigating the damage as quickly as possible.
Here, having the right mix of security skills on board is key.
“For a lot of our clients, they’re starting to realize that while they certainly want to hope for the best, they absolutely have to prepare for the worst,” says Stephen Zafarino, senior director of recruiting for IT recruiting and staffing firm Mondo. “Earlier this year, with the Chase and Home Depot breach, with the ransomware attacks on Britain’s NHS top-of-mind, everyone’s trying to figure out how to fortify defenses,” Zafarino says.
Following are 10 security skills your organization should focus on when staffing up or upskilling your security teams.
1. Security tools expertise
It may go without saying, but sound security begins with knowing the tools. Unfortunately, many organizations take a set-it-and-forget-it approach, because they don’t have security tools know-how on board.
James Stanger, senior director of product development at CompTIA, points to security information and event management (SIEM) tools as an example. “These tools are great in that they give you a fifty-thousand-foot view of your network and infrastructure landscape, but also let you look very granularly at incidents so you can identify problem areas,” Stanger says. “Are most incidents the result of end-user error? Are there security flaws that could be exploited through your cloud implementations? Now you can see those vulnerabilities, and you can address those. How can we get our users to stop clicking on attachments? How can we make sure sensitive data isn’t in a vulnerable place?” he says.
Of course, these tools aren’t helpful if you’re not using them to their full potential, he says. “Most of these tools are, unfortunately, left at their defaults because they were installed just to comply with a requirement. For example, what we see a lot of is, ‘Do you have an incident manager installed? Okay, you do, now check that box … and ignore it.’ That’s incredibly dangerous,” he says.
That’s why it’s imperative to staff up with experts for the tools you have, says Ashley Stephenson, CEO of Corero Network Security. Product-specific knowledge is important to making sure you can leverage whichever tools you choose to their utmost, Stephenson says.
CIOs should invest in extensive training and even upskilling security staff to make sure they know the ins-and-outs of every security tool in their arsenal, or they’re little more than a placebo, Stephenson says.
Sign up for Computerworld eNewsletters.