Blog · 16 Sep 2018

Putting people at the heart of protecting what matters most

We won't win the cyber security war without people power.

profile-picture
President, Asia Pacific, Middle East, Africa and Turkey (AMEA)

A business falls victim to a ransomware attack every 40 seconds. The threats are changing constantly and there’s an acceleration in the production of new attacks, especially those that regularly evolve to evade security controls which can’t keep up.

Faced with such a range of threats, it’s easy to focus on technology investment. But a tool is nothing without the analyst sat in front of it. By drawing out abnormalities based on intelligence, analysts can then examine the threats, understand them and move quickly to mitigate risks.

With a predicted global shortfall of 3.5 million cyber security jobs by 2021, we look at three areas where organisations can help develop the skills we need now to protect what matters most.

1. Security awareness

People are often the weakest link in the security chain — clicking that all-too-tempting prize-winning hyperlink on an email; leaving the fire-exit propped open for the pizza to be delivered during a night shift; or revealing trade secrets to your fellow passengers during the journey home.

By rewarding good behaviours, investing in people, training them, and creating processes which change how they behave, on an ongoing basis, your employees can be your biggest security asset.

2. Grassroots education

From supporting National Cyber Security Awareness Month, the annual campaign to raise awareness about the importance of cybersecurity, or recruiting apprentices, to offering secondary schools free cyber security lesson plans or talks from security experts, organisations can provide structured ways of helping to attract more skilled workers into the security industry.

There are also opportunities such as Cyber Security Challenge UK, a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cyber security professionals.

3. Retaining skilled staff

Those who have the right skills often command significant salaries, pricing them out of the market for all but the top organisations.

One of the ways to retain skilled staff is through development plans, specially designed to help them succeed in their job and make progress in their career. Offer them internal coaching, external training and practical support.

You can also make sure your security experts, especially "ethical attackers", those who attack your own defences to identify weaknesses, have the time to be creative. By giving them time come up with new ideas of how they’d target you, you can then mitigate the risks and protect yourself.

Security is about more than technology

Security isn’t just about technology. It’s also about the people, partnerships, intelligence and expertise you need to stay one step ahead in the security race.

By putting people at the heart of protecting what matters most, you can stay ahead of the changing threat landscape.

Read this article in full on WEF Agenda.

Contact

Related content

Topic

Make security integral to your business

Article

How we stay ahead of a changing threat landscape

Read more
Article

Balancing security and digital transformation

Read more