Why industry collaboration is needed to strengthen cybersecurity awareness and t...
source link: https://itwire.com/guest-articles/guest-opinion/why-industry-collaboration-is-needed-to-strengthen-cybersecurity-awareness-and-training-efforts.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Tuesday, 27 June 2023 12:57
Why industry collaboration is needed to strengthen cybersecurity awareness and training efforts
By Nicole Quinn
GUEST OPINION: The continued cyber skills shortage is reaching crisis levels, causing multiple organisational challenges and repercussions. Globally, there is an undersupply of cyber professionals—a gap of more than three million—who can offer cyber leadership, test and secure systems, and train organisations in digital hygiene.i More than 60% of global leaders admit they are struggling to recruit and retain talent, with cloud security and security operations being the hardest roles to fill.ii At the same time, approximately 40% are experiencing difficulty finding qualified candidates who are women, military veterans, or from minority backgrounds.iii
The worsening cyber skills gap is happening as cyberattacks become more aggressive and widespread, with a significant rise in the number of state-sponsored or influenced cyberattacks targeting critical infrastructure to facilitate espionage.iv Foreign interference, espionage, and data theft are the top national security risks, with foreign adversaries targeting information that can be used for national gain, including information on military and defence, medicine, energy, and agriculture industries. Cyber espionage, along with data breaches and ransomware attacks, can have far-reaching consequences and pose a grave threat to an organisation’s reputation and the safety of its employees.
The continued skills gap isn’t just a talent shortage challenge; it’s also severely impacting business, making it a top concern for executive leaders worldwide. According to Fortinet’s 2023 Cyber Skills Gap Report, 68% of organisations indicate they face additional risks because of cybersecurity skills shortages, while 84% of organisations experienced one or more breaches in the past 12 months.v
The World Economic Forum’s Global Risks Report 2022 suggests that businesses operate in a world where 95% of cybersecurity issues result from human error and where insider threats represent 43 % of all breaches, intentional or otherwise.vi Both reports demonstrate the importance that training and certifications have for organisations to tackle the skills gap, with 90% of respondents in Fortinet’s 2023 Cyber Skills Gap Report suggesting they are willing to pay for an employee to get a cybersecurity certificationvii.
Strong cybersecurity awareness and practice are essential to reduce the risk of cyber compromise. According to the Fortinet 2022 Networking and Cybersecurity Adoption Index, 63% of organisations provide training for employees, while 58% of staff consider themselves very well trained, suggesting there is still room for improvement.viii This index reveals a real opportunity for organisations to invest more time into training employees to ensure everyone knows how to do their part in keeping the enterprise safe. Meanwhile, Fortinet’s 2023 Security Awareness and Training Report indicates that 56% of leaders believe their employees lack knowledge when it comes to cybersecurity awareness, with 93% of boards of directors questioning their organisations’ cyber defences.ix
By creating a cybersecurity awareness culture, employees will be better equipped to recognise cyber threats immediately and avoid falling victim to them. However, as it stands, employees represent high-value targets for threat actors. Comprehensive security awareness training is one of the most important proactive measures a business can take to educate its staff and team. Phishing, identity theft, malware, and ransomware are top cybersecurity threats organisations face, and an adept understanding of how to prevent them will reduce the knowledge gaps that cybercriminals seek to exploit.
Studying cybersecurity at a university level is more popular than ever; however, cyber threat actors can take advantage of this and lure students to perform malicious activity for a generous sum. In addition, the length of time it takes to successfully complete a degree in cybersecurity means these future professionals face a delay before being able to work and make a difference in the field. Further, a degree doesn’t always teach real-world employability skills that businesses need. Instead, there needs to be industry collaboration between cybersecurity providers, businesses, universities, and schools to reduce the cybersecurity workforce shortage and educate the next generation of employees.
Universities and businesses should look to partner with cybersecurity vendors with a comprehensive approach to security awareness training. Courses should be straightforward to consume and explore real cyber threats that pose a danger to regular non-IT people and offer measures that employees can take to protect themselves and others from harm. They should focus on the skills people need to enter the workforce and give students an understanding of the cybersecurity sphere.
By partnering with a cybersecurity provider, educational institutions also reduce the cybersecurity skills gap by giving students access to real-world resources and skills they need to succeed in an entry-level position in cybersecurity. Training courses should be free and taken by anyone of any age, including children. With more children being online for prolonged periods, it’s imperative to educate today’s youth about internet safety. Instilling foundational cyber awareness knowledge from an early age is critical to creating a cyber-ready culture where the next generation of employees is well-versed in cybersecurity.
Businesses, universities, and schools must also look at the overall performance of their security architecture to mitigate risk as much as possible. A cybersecurity mesh architecture (CSMA), or security fabric, is a security approach proposed by Gartner, that helps companies move past siloed security to protect individual assets in a network by promoting interoperability through several supportive layers. It is designed to help organisations move away from obsolete standalone systems and toward an integrated approach. With a security fabric approach, coupled with cybersecurity awareness and training programs, businesses, universities, and schools, will be better positioned to respond to future security risks, close security gaps, and have end-to-end, comprehensive security.
References:
i https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2022.pdf
ii https://www.fortinet.com/content/dam/fortinet/assets/reports/2023-cybersecurity-skills-gap-report.pdf
iii https://www.fortinet.com/content/dam/fortinet/assets/reports/2023-cybersecurity-skills-gap-report.pdf
iv https://www.cyber.gov.au/acsc/view-all-content/reports-and-statistics/acsc-annual-cyber-threat-report-july-2020-june-2021
v https://www.fortinet.com/content/dam/fortinet/assets/reports/2023-cybersecurity-skills-gap-report.pdf
vi https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2022.pdf
vii https://www.fortinet.com/content/dam/fortinet/assets/reports/2023-cybersecurity-skills-gap-report.pdf
viii https://global.fortinet.com/apac-lp-anz-networking-wp-index-report
ix https://www.fortinet.com/content/dam/fortinet/assets/reports/report-2023-security-awareness-and-training.pdf
Read 363 times
Please join our community here and become a VIP.
Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here
GARTNER MARKET GUIDE FOR NDR 2022
You probably know that we are big believers in Network Detection and Response (NDR).Did you realise that Gartner also recommends that security teams prioritise NDR solutions to enhance their detection and response?
Picking the right NDR for your team and process can sometimes be the biggest challenge.
If you want to try out a Network Detection and Response tool, why not start with the best?
Vectra Network Detection and Response is the industry's most advanced AI-driven attack defence for identifying and stopping malicious tactics in your network without noise or the need for decryption.
Download the 2022 Gartner Market Guide for Network Detection and Response (NDR) for recommendations on how Network Detection and Response solutions can expand deeper into existing on-premises networks, and new cloud environments.
PROMOTE YOUR WEBINAR ON ITWIRE
It's all about Webinars.Marketing budgets are now focused on Webinars combined with Lead Generation.
If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.
The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.
Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.
We look forward to discussing your campaign goals with you. Please click the button below.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK