Cybersecurity is only effective when it is properly implemented and maintained – which begs the question, are the employees responsible for implementing procedures skilled enough to be successful at managing hacks? In the UK billions of pounds are spent every year on protecting and testing computer systems but what good is this if administrators are unable to identify real threats? If this really is the case, a complete overhaul of procedure and training is required to reduce the risk of attacks.
Reports of incursions behind the firewalls of many large companies are now routine and experts in the field cite evidence in the logs as a reason for these breaches. With hackers adapting regularly to slip by undetected, the challenge for administrators becomes even more immense. Threat detection is a complex process but this alone should not mean that there is such a high rate of breaches.
Companies do take this challenge seriously but the regularity of breaches implies there are errors in their procedures. It may not be that administrators are too poorly trained but may simply be that there is not enough time to rigorously check all of the logs. This would explain why so many attacks are slipping through the net. There is one thing that is sure- there are not enough cybersecurity experts to fill all available positions. One industry body is predicting that there will be a 1.5-million-person deficit of security experts by 2019. Even if the skills are at a high enough level, the lack of investment in new recruits could cost businesses dearly.
Rise of White Hat Hacking
More problems with detecting threats to systems has led to an increased role for penetration testing. The use of this testing technique suggests that companies do not trust the IT teams responsible for keeping networks and data secure. Penetration testing examines the system for hacking opportunities by allowing experienced hackers to attack the system and exploit any vulnerabilities. The real problem comes in the fact that they only examine digital vulnerabilities and that an unskilled administration team will let an intrusion past.
The pace of change in cyber security means that administration teams need regular training that stays up to date with real world developments. This means enrolling them in online courses, attending industry events and working together to understand exactly what a threat looks like. Only by doing this can administrators meet the threats head on and prevent any damage being done to the company.
Do you think admins are well trained? How could training be improved? Share your thoughts with us: