Is your business at risk because you don’t have cyber Security Skills in house?
Over the last couple of weeks there has been a number of articles in both the technology and business press about security risks caused by a lack of qualified security staff. There are many reasons why companies don’t have the appropriate staff to ensure they are secure;
- Lack of budget
- Lack of senior management buy in to security (less frequent today, but still happening more than often than you would expect!)
- Unable to find qualified staff
In the Online Telegraph from 29 Oct 2013 an article was written with the headline ‘Cyber-attacks are the greatest threats UK businesses face’
Only four per cent of UK businesses have adequate security measures in place to battle cyber-attacks and the article goes on to state 96% of UK businesses fear their security functions are not strong enough. This suggests they understand the risks but for some reason have not or could not address it. Most likely for the reasons above including budget, senior management buy-in and the lack of qualified staff.
Another article shows this is not just a UK issue – ‘Study Reveals Shortage Of IT Security Talent Equals Abundance Of Risk.’ This article focuses more on the lack of qualified security talent in the market which extends to both Europe and USA.
The lack of security skills is not only impacting the security roles there is also a lack of security skills training for development staff. Particularly disappointing is the lack of security requirements for those graduating from university with computer science degrees. Training provided by companies has declined over the last couple of years as budgets have been slashed and security training for development staff is not happening at all. Unfortunately this seems to have spread to the server and network administration staff as well, who are ultimately responsible for keeping the cyber criminals out.
You don’t have to look far to find stories almost every day about companies that have been embarrassed by a cyber-attack. See the ITC Secure Networking Threat of the week from a couple of weeks ago ‘Don’t wait until it is too late. Secure your infrastructure now!’
So how do small to mid-range businesses combat these risks without enough or even qualified security staff? Many try to implement point solutions, vulnerability scanning, network access control, security incident and event monitoring etc… This may go a long way to explaining why companies don’t have budget for qualified staff because they have spent it all on disjointed point solutions that don’t actually improve their overall security posture!
This is where ITC Secure Networking can help with our NetSure360⁰ Managed Security Services. We have;
- Over 15 years’ experience delivering managed network and security solutions
- Integrated best of breed technology solutions
- Certified security staff
Contact ITC at [email protected] to discuss how we provide this solution in our NetSure360⁰ Security, Performance and Network Management platform.