The online world seems to become more complex by the day. As more and more applications are moved to the cloud, the growing number and severity of data breaches makes it clear that attitudes about cybersecurity must change. It’s no longer possible to assume that “someone else” is going to be responsible. Instead, data protection and a strong cybersecurity defense must be a team effort.
How have cybersecurity roles changed over the last decade?
Ten years ago, cybersecurity was the responsibility of IT. Organizations were guarded by firewalls, antivirus companies were keeping up with basic malware and the world seemed to be (relatively) safe. The IT manager was responsible for cybersecurity, and in the event of a breach, wipe and restore from back-up was the preferred course of action. When breaches started happening more frequently, we were startled. Too bad we weren’t shocked enough to change our bad habits! Too many of us still clicked on every link, and opened every attachment.
By 2015, as more and more vulnerabilities were unveiled, and as knowledge about how easy it is to orchestrate automated large-scale attacks spread, ransomware became a real issue. In response, cybersecurity vaulted to the top of the priority list at most organizations. The internet of things (IoT) has changed the way work gets done, and it has forced organizations to adapt and change the way they secure data.
Now, in 2019, cybersecurity is everyone’s responsibility. Data is the most important resource on earth, and one mistake by a single employee can endanger an entire company. Employees have become targets for phishing and social engineering, with the C-suite heading up the priority list for cybercriminals.
Automation and AI are changing cybersecurity
Clearly, securing the workplace is still a challenge. In addition, the lack of proper cybersecurity resources on the job market has forced more and more companies to outsource their IT security to managed security service providers (MSSPs) and have investments in retainers with fast service level agreements to mitigate potential incidents. The number of remote workers is therefore growing, they need more devices and applications to do their jobs, and these applications are increasingly found in the cloud, beyond the old-school firewalls that used to keep organizations safe.
What’s the answer? Automation. While artificial intelligence (AI) has become an integral part of our lives, its importance to cybersecurity cannot be overstated. With attacks becoming ever more sophisticated, automation in defense and response is vital both to avoid incoming attacks and to mitigate their effects should they occur. And by leveraging machine learning to deal with common or routine threats, automation plays a key role in freeing up overtaxed IT staff to focus their attention on the most serious attacks.
The changing role of HR in cybersecurity
As organizations realize that tools are inefficient without the right people running them properly, the spotlight has landed on a huge gap in the cybersecurity job market. Fortunately, when everything you say on the internet is public forever, online activity on social media can be used by HR. Recruiting companies are increasingly employing specialized services to do online checks, in addition to the usual background checks, to screen for red flags. With billions of credentials leaked in recent years, it’s relatively easy to determine if a candidate has good cybersecurity hygiene, and to weed out those people who have exhibited risky cyber behavior in the past.
The evolution of cybersecurity education and training
Until quite recently, much cybersecurity training consisted of warnings — “Do Not Install Unauthorized Programs” — on company computers. Now, however, employees at many organizations must undergo cybersecurity training before even getting onboarded, and regular training is provided by infosec teams to ensure all employees are aware of the most common threats. “Patching the human,” making sure employees are armed with the knowledge needed to spot phishing emails, scams and social engineering, should be a top priority. Ongoing training programs have gained huge value, and, in many organizations, management is responsible for their successful adoption. In many industries, in fact, failing multiple internal phishing tests can be grounds for termination of employment.
Any line of defense is only as secure as its weakest link, and as our online capabilities evolve, so too will the threats we face. Fortunately, there is light on the horizon. The number of digital natives in the workforce is steadily growing, and organizations that leverage their capabilities, and that succeed in informing all stakeholders — from the C-suite all the way to the newest of new hires — about their roles and responsibilities in maintaining cybersecurity standards, will survive and thrive.