The realm of cyber security constantly changes. Trends and security methods that were relevant a year ago are like outdated smartphones that get tossed into drawers and forgotten. Every step security experts take to prevent data breaches is countered by a series of more complex criminal behaviors. In fact, research presented at the 2017 Cyber Resilience Summit in Reston, Virginia, hosted by the Consortium for IT Software Quality (CISQ), suggests the good guys are still far behind in the IT security game:
- According to Dr. Dale Meyerrose, Major General, U.S. Air Force, Retired – 68% of companies don't encrypt data, and 4 in 10 cyberattacks are the result of phishing scams.
- According to a 2016 Ponemon Institute survey, businesses take an average of 256 days to detect an attack, and 90-120 days to remediate it.
- According to Kroll Advisory Solutions, internal employees account for 70% of all cyber cases involving theft.
- And according to Curt Dukes, Executive VP & General Manager of the Security Best Practices & Automation Group for the Center for Internet Security (CIS), out of 15,000 cases of cyberattacks, 85-90% could be prevented by patching critical vulnerabilities, removing administrative privileges, and using strong passwords.
Since the cyber security industry is in constant flux, new experts are needed to solve problems as they emerge. Staying up to date on the latest trends is the key to remaining relevant in this job market.
Job seekers in the cyber security field should be aware of these five emerging trends:
1. A potential shortage of IT workers
Network World Magazine reported 82 percent of cyber security decision-makers feel there is a distinct shortage of skilled professionals in the marketplace. Moreover, 71 percent of those surveyed said the shortage has a direct, negative effect on our nation's security. Skilled professionals with practical experience in the field and a passion for learning may find a number of job opportunities in the near future. More and more companies - as well as the government - are discovering the real and growing need for cyber security professionals.
"I agree that a shortage of skilled cyber security professionals exists, but in order to address this issue, institutions of higher learning in the U.S. need to embrace Cyber Security as an academic discipline," states Mike Boyles, Division Manager of Beacon Hill's National Security Division. "Furthermore, many U.S. government agencies (as well as private enterprises) require degrees for these jobs, and as a result are alienating a significant portion of the talent pool. The best example of this is the video game industry. They routinely score highest when it comes to evaluating and preventing cyber-attacks. Why is this the case? Because they very rarely assess whether a person is degreed or not, but rather promote skills and outside-the-box problem-solving."
2. Shifting hubs for security experts
The past few years have been open season for organized cyber criminals. In 2015 and 2016, the U.S. federal government faced several severe attacks on many of its prominent departments. This well-documented activity has intrigued many cyber security experts who have an active interest in working for the federal government. But Washington D.C. isn't the only hub for professionals. According to Tech Republic, New York City and Boston are also major draws for experienced members of the cyber security community.
"Today, security breaches are more prevalent for our clients than ever before," notes Samantha Ocampo, Division Manager of Beacon Hill's Technologies Division in New York City. "With companies offering access through so many personal and mobile devices, the need to secure access points has heavily increased the demand for security professionals and expertise in our marketplace."
3. Data theft and manipulation
In the past, data breaches have been similar to bank heists - the attackers get in, steal as much data as possible, then get out. The more skilled the hackers are, the more difficult they are to detect. This had made the skill of intrusion detection a valuable component of the cyber security expert's tool belt. However, data breaches could get more complicated in the future. Information Age Magazine explained that rather than outright stealing data, hackers could manipulate the data itself, thus tarnishing its integrity. The results could easily throw an individual or entire organization into chaos. If information can't be trusted, it could cause market instability.
4. DDoS and the Internet of Things
Every day, it seems we are more surrounded by internet-connected devices. From your home's thermostat to your wristwatch, everything's connected. This can make life easier in a number of ways - but it also presents more openings for security vulnerabilities. Network World reported that spending on IoT security is expected to surpass $434 million this year, but even that amount won't keep up with the risk.
"Hackers are constantly changing their methods of attack (via IoT, DDoS, etc.), and we'll continue to see headlines of major breaches as long as corporations, government entities, and consumers remain passive in their defense against these attacks," says Will Theis, Division Manager of Beacon Hill's Technologies Division in Denver. "It's easy to assume 'it won't happen to me' – but, as these attacks continue to become more diverse, if you don't have the proper procedures, protocols and infrastructure in place, you're inevitably playing a game of roulette."
Job seekers who are well-versed in IoT may see more job opportunities come their way soon.
"Why hack a company server when you can hack an employee's phone?"
5. Mobile security threats on the rise
Why hack into a large company server when you could simply hack a key employee's personal phone? That's just what many advanced cyber criminals are doing. According to CSO Magazine, many employees disregard their companies' smartphone protocols, which could introduce risk to corporate networks. It's a convenient workaround for smart hackers.
These are a few of the emerging cyber security trends. This time next year, you can expect a whole new crop of industry trends and criminal methodologies. As cyber security experts find solutions to the aforementioned challenges, cyber criminals will move on to the next big thing. Stay up to date and stay safe.
This content is brought to you by the Marketing Team at Beacon Hill Staffing Group.