We have all heard the phrase, ‘every cloud has a silver lining’ – right? For cyber security professionals that silver lining is actually cold hard cash. Due the continued rise in cyber crime, those with the necessary skills and experience needed to thwart it are becoming a sought after commodity leading to their salaries rising by an average of 14%. It’s been widely reported that globally there is a shortfall of cyber security professionals so the increase in their value is not unexpected – it’s a simple supply and demand. The sadder side to this story, that was reported in Computer Weekly, is that it is due to shortfalls and vulnerability in technology and the criminal exploitation of this is leading to the generation of a new market demand. I suppose the best way to rationalise this, for me, is to recall when somebody I knew worked in the arms industry told me that they rationalised their work with the fact that it was focused on defence, not attack. However, for a long time now IT security specialists have undoubtedly been undervalued, perhaps they do deserve their current time basking in professional sunshine.
IT security specialists have for a while predicted all manner of potential scenarios that cyber criminals could inflict upon us. One of these has always been the attacks against critical infrastructure. Hollywood has always shown us what can potentially happen should a power station go offline, or if traffic control is disrupted. These scenarios are no longer fictitious and have moved into the very real world. Computer Business Review identified that these attacks are already becoming a key theme of 2016. With statements from Israel regarding attacks on their electric supply and also an energy company in Ukraine suffering makes me wonder who will be next. It has often been stated that an element of motivation for cyber crime is disruption, as opposed to destruction and nothing would disrupt a developed western economy more then losing power for a significant amount of time. I trust that this trend will be nipped in the bud swiftly.
So much ‘breaking news’ no longer comes to the viewer from the traditional media. The reports right from the ‘coal face’ break first on social networks. Although their accuracy may be questioned, the initial chatter that something has happened rattles through the infrastructure of Twitter and Facebook long before it hits the front pages of a daily paper. Therefore, it does make me wonder why it’s taken so long for somebody to go public with the statement that these very same social networks may be the best ‘early warning’ system to a cyber attack. The San Antonio Express publicised a story where they quoted cybersecurity expert Max Kilger as saying that U.S. investigators may be neglecting an important factor that could help detect and prevent terrorist cyberattacks: the human element. With social networks building their reputation on individuals sharing information – instantly – then both the perpetrators and the victims of cyber crime will turn to these vehicles to inform others of their current state. Monitor these networks closely and you might get a vital few hours notice on the next major cyber attack.
A key element in any corporate cyber strategy is that of understanding, usually provided by trainers. Computer Weekly referenced the headline from the Harvey Nash/PGI 2016 Cybersecurity report that alongside the expected search for technical skills, that companies are equally looking for those to run in-house training and awareness programmes. It would seem the tide is turning and more and more companies wish to develop a cyber aware culture within their organisation. Perhaps trainers will soon see their salaries increase by 14% as well!
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.