Businesses as well as government agencies are increasing their focus on cybersecurity, including hiring more professionals to deal specifically with cyberattacks and the havoc they wreak.
The increased focus comes as businesses struggle to protect customer data and also to respond quickly to breaches when they occur. As the costs associated with data leaks continue to rise, large organizations are finding it more cost effective to hire seasoned IT experts -- including some who earn more than $500,000 a year -- to batten down the hatches and be prepared if and when there's an attack.
In fact, for some organizations, the costs of being well prepared are proving to be much less than the costs associated with cleaning up after a large-scale data breach.
One potential solution to help combat cybercrime is for organizations to build internal teams that work solely on protecting customer data from hackers. Companies like JPMorgan and PepsiCo, as well as USAA (United Services Automobile Association), are taking the threat seriously, hiring chief information security officers (CISOs) and paying big money to protect them from cyberattacks. As more companies follow suit, the position is being given an even greater level of importance.
By hiring a CISO who reports directly to the CEO, businesses can ensure a C-suite emphasis on data and network security. These top-level hires may be part of the solution, but more comprehensive cybersecurity teams and software are generally also needed to provide sufficient protection.
Government agencies like the FBI face similar challenges. Cybercrime has become such a major issue for the FBI that it is in the process of hiring an additional 2,000 cybercrime experts.
Hard To Detect
Part of the problem is that even the best cybersecurity software on the market cannot protect businesses against these attacks. This means that in addition to hiring cybersecurity gurus, companies must either store less data so that customers are not put at-risk or they must heavily encrypt data to make any stolen information useless to the criminals.
Cyberattacks are taking place more often than in the past, but one of the most troubling new trends is that when attacks do take place, businesses sometimes do not report them for days. Legislation is in the works that would force corporations to report breaches quickly. However, that change won't necessarily solve the problem since many breaches go undetected for days or even for weeks.
A study of 253 U.K. corporations, conducted by security firm Tripwire earlier this year, found that at least 40 percent would need two to three days to detect a breach. Unfortunately, that's plenty of time for cybercriminals to go undetected as they steal and exploit private customer data.
For many years, businesses have known that cyberattacks pose a looming threat, but still, cybersecurity has not been as high a priority in the past as it is now. Some businesses that have not changed their attitudes toward cybersecurity fast enough are now dealing with millions of dollars in damages when their networks are hacked.
Antivirus tools from companies like McAfee and Symantec used to provide adequate protection for many businesses, yet those tools have proven to be quite insufficient as hackers have become more sophisticated.
Shortage of Cybersecurity Pros
With serious threats looming and a corresponding lack of security experts to lead the battle, Tripwire, for its part is launching a new program to attract students and new grads to consider a career in cybersecurity. Tripwire describes its "Cybersecurity Risk Manager LifeJourney Experience" as a web-based, interactive classroom experience that allows students from middle schools, high schools, and colleges to test-drive potential cybersecurity careers by "enabling them to live a day in the life of one of America’s cybersecurity leaders."
A career focused on cybersecurity is definitely an interesting prospect for new grads as well as current IT professionals looking for a lucrative niche. Consider, for example the fact that, as Cisco’s 2014 Annual Security Report indicates, more than one million cybersecurity positions remain unfilled around the world. Looking ahead, the U.S. Bureau of Labor Statistics expects the information security analyst field to grow by 37 percent through 2020.
“Unless the cybersecurity industry actively collaborates with academia, the shortage of cybersecurity professionals will continue to limit our ability to defend critical infrastructure and impact economic growth,” says Tripwire CEO Jim Johnson. “Programs like [Tripwire's] LifeJourney that accelerate math, technology, engineering and science literacy are critical to building the next generation of cybersecurity professionals,” Johnson added.
Certainly the demand for cybersecurity pros will continue to be high as the threat of cybercrime continues to mount.