Cybersecurity: Challenges of the future

Cyber security is not just putting anti-virus software on your computer and resting in peace but it is rapidly encompassing a vast area of human enterprise and becoming the key to national security and safety. With explosion of digital data in the IT era, enterprise is likely to generate more data in the next three to five years than ever before. There is a simultaneous growth of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. Cyber security is going to remain one of the most challenging areas for enterprise technology in the years to come as cyber attacks and digital spying are slowly becoming a major threat to the socio economic environment of a country. The threat of cyber terrorism is even surpassing the threat posed by terrorism to national security. Huge amounts of personal, government, military, corporate, financial, and medical data is on the digital platform. Criminals, anti social elements, business competitors, enemy nations, terrorist groups are all interested and are constantly working towards making unauthorized entry into your systems and data banks to steal or corrupt this data. One of the worst is Ransomware, which is gaining some popularity among hackers today as there is a chance of gaining quick money. WannaCry attack was one such attack that happened on a large scale, attacking Windows Operating Systems, encrypting data, and demanding ransom payments in the Bitcoin cryptocurrency. The standard security measures to follow to protect your data and system is continuously creating back up files in an insulated, external environment so if you’re locked out, you can access them there—without having to pay ransom. Apart from enterprise users, laymen usually do not actively back-up important data. Though there has been growth in cyber legislation with many countries coming up with laws and new cyber security policies or strategies, and also updating existing standards, in order to adapt to new challenges and emerging issues. There is a huge skill gap when it comes to professionals in cybersecurity, to counter this, the US has recently created a Cybersecurity Workforce Alliance, calling it an ‘industry first’. The idea is for companies, governments and universities to come together and fill this gap. According to a report by Cybersecurity Ventures published in June, there is a projection of 3.5 million unfilled cyber jobs that will need attention in the next four years. Another report stated that 25% respondents to a survey by ISACA’s Cybersecurity Nexus (CSX) reported that it takes their companies six months or longer to fill priority cybersecurity and information security positions, yet KPMG’s 2017 US CEO Outlook survey found that only 40% of American CEOs feel that their organizations are fully prepared to handle a cyber attack. According to Forbes, Cybersecurity workforce-skills gap/ unfilled jobs in the sector is estimated at 1.4 million. While the industry is blaming the private sector, a significant part of the responsibility should also be taken up by the academia. Its not that nothing has been done, interestingly, New York’s mayor announced a$30 million initiative to fund cybersecurity training, academic research and development labs. There is also a Cyber Scholarship Opportunities Act, which is being worked on, that would expand the National Science Foundation’s CyberCorps: Scholarship-for-Service program, in-turn funding cybersecurity education for college students who commit to government service after they graduate. Having said that, there are opportunities in the market and lucrative ones too. According to a report by blueStone Recruiters in the US, one of the most in demand cybersecurity jobs is of security analysts who prevent and mitigate attacks, in 2012 there were over 70,000 jobs with $80,000 base salary, in 2015 there were over 85,000 such jobs with $90,000 salary tag. Salaries of senior positions such as CISOs can reach upto $400,000. UK was one of the first G7 countries to make computer science a compulsory school subject in 2014. The government said that seven-year old kids should be able to debug a program. It will also give educators the opportunity to sieve talent at an early stage and help nurture this talent for the future. Corporates think that upskilling the current employee skill set is an answer to the problem. They also think that using automation and AI in the future to detect breaches and mitigate them will be a viable option. However, when it comes to technology, it is as good as the humans who are developing and deploying it. Hence, a long term strategy on training and educating the coming generations will make sure that the future cybersecurity professionals are adept in filling out those 1.8 million jobs by 2022.