Faced with such a range of threats, it’s easy to focus on technology investment. But a tool is nothing without the analyst sat in front of it. By drawing out abnormalities based on intelligence, analysts can then examine the threats, understand them and move quickly to mitigate risks.
With a predicted global shortfall of 3.5 million cyber security jobs by 2021, we look at three areas where organisations can help develop the skills we need now to protect what matters most.
People are often the weakest link in the security chain — clicking that all-too-tempting prize-winning hyperlink on an email; leaving the fire-exit propped open for the pizza to be delivered during a night shift; or revealing trade secrets to your fellow passengers during the journey home.
By rewarding good behaviours, investing in people, training them, and creating processes which change how they behave, on an ongoing basis, your employees can be your biggest security asset.
From supporting National Cyber Security Awareness Month, the annual campaign to raise awareness about the importance of cybersecurity, or recruiting apprentices, to offering secondary schools free cyber security lesson plans or talks from security experts, organisations can provide structured ways of helping to attract more skilled workers into the security industry.
There are also opportunities such as Cyber Security Challenge UK, a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cyber security professionals.
Those who have the right skills often command significant salaries, pricing them out of the market for all but the top organisations.
One of the ways to retain skilled staff is through development plans, specially designed to help them succeed in their job and make progress in their career. Offer them internal coaching, external training and practical support.
You can also make sure your security experts, especially "ethical attackers", those who attack your own defences to identify weaknesses, have the time to be creative. By giving them time come up with new ideas of how they’d target you, you can then mitigate the risks and protect yourself.
Security isn’t just about technology. It’s also about the people, partnerships, intelligence and expertise you need to stay one step ahead in the security race.
By putting people at the heart of protecting what matters most, you can stay ahead of the changing threat landscape.
Read this article in full on WEF Agenda.