Tech Security Funding Increases to Fill Talent Gap
Published 11/04/2018
Tech Security Funding Increases to Fill Talent Gap
The Cambridge Analytica & Facebook scandal
This recent scandal has revealed the amount of data that firms can get hold of and has made data protection a business and political issue of high importance.
Recent cyber security threats are steadily growing in size and number with the hacking of 3 billion Yahoo accounts, the theft of personal information on 150 million consumers in the Equifax breach, and the threat of all-out cyber warfare with state actors using offensive capabilities to knock out electricity and communication services at a national level.
“One of our biggest challenges is to start securing an awful lot of the web infrastructure and applications that have been deployed,” notes Hugh Boyes, Cyber Security Expert at The Institution of Engineering and Technology. “When we look at what’s been going on recently, increasingly people are starting to get worried about their personal data.”
There will also be the new challenge of managing, monitoring and securing the growing field of artificial intelligence, which includes programs that function and evolve entirely without human intervention.
The verdict of analysts, however, is that the threat is still not being taken seriously enough. KPMG concluded that less than half of the companies it surveyed paid sufficient attention to cyber security. Meanwhile, less than one in five considered cyber risks a boardroom responsibility.
Accountability must start at the top
“Senior leaders driving the business must take ownership of building cyber resilience,” PwC reports. “Leadership must drive the development of a cyber risk management culture at all levels of the organisation.”
Change must be implemented that puts data protection and digital security at the heart of businesses goals and ensure that the right technical people are driving the project through with the support of senior leaders.
But there are relatively few security experts specialised in this field – or in big data. “At present, I would say there are very few data science security specialists and when we look at the use of artificial intelligence and machine learning, it’s an area where I don’t think we really have a lot of security specialists who really understand the consequences of introducing those technologies,” Hugh says.
Fortunately, security budgets are set to increase in 2018, with 48% of enterprises investing additional funds over the next year, according to IDG. Particular priorities include the securing of the cloud and investigating analytics-focused security solutions. This increased funding should go some way to filling the talent gap, increasing compensation and budgets for cyber security engineers in the near term. The Yahoo breach knocked a reported $350m off the company’s sale price so there’s little doubt that CISOs will be in high demand in future, a reflection of the private sector as only half of organisations surveyed by PWC had a CISO.
“Information security professionals who are able to understand the business reasons for information security and how to sell [it] internally to the business are going to have the most success,” says Alex Osei, IT Security Specialist at Empiric. “[We need] to figure out how to get the people that make the decisions to actually do it and that’s going to be the biggest challenge.”
Employees
By far the greatest sources of threats to businesses are current and former employees. The recent story that an MP routinely shared her email password with her staff, including interns, notes Hugh, is indicative of poor adherence to security at the user level. While drilling for cyber-attacks and running penetration tests is important, so is basic staff training.
Fortunately, it seems that the industry is aware of the issue – in the year ahead, IDG notes that security awareness and training is a joint spending priority alongside access controls and big data analytics.
To find out how we can help you with your specialist technology security recruitment please contact security@empiric.com on 02036757777.
Browse Our Latest Tech Roles
Current Vacancies
About Empiric
Empiric is a multi-award winning business and one of the fastest growing technology and transformation recruitment agency's specialising in data, digital, cloud and security. We supply technology and change recruitment services to businesses looking for both contract and permanent professionals.
Read more (pdf download)
Empiric are committed to changing the gender and diversity imbalance within the technology sector. In addition to Next Tech Girls we proactively target skilled professionals from minority groups which in turn can help you meet your own diversity commitments. Our active investment within the tech community allows us to engage with specific talent pools and deliver a short list of relevant and diverse candidates.
For more information contact 02036757777
To view our latest job opportunities click here.