Importance of CyberSecurity

Posted by alvina on March 27th, 2019

In the past, the cybersecurity scene was never so complex and dynamic. Nowadays, the number of complex attacks and their volume have increased significantly.

At the same time, the number of alerts and events that the security companies are dealing with on a daily basis have raised a lot.

It has been estimated that at least 37% of the respondents in the financial industry deal with more than 200000 security alerts on a daily basis. At the same time, a number of financial institutions deploy 100 to 200 security solutions in a go.

It looks like new attack vectors and threats are emerging fastly, which spans across a converged attack surface of the OT networks and the IT, along with the IoI devices. Nowadays, the attacks that occur are really sensitive in nature. Usually, the organizations and security companies have to respond within seconds or minutes in order to deal with the threat effectively.

Last month, for instance, the cosmos Bank in India lost M as a result of atm hack. In order to make things better, new guidelines and regulations are coming that require comprehensive reporting and strict procedures.

Now, it looks like the CISOs are finally understanding that having the latest tools and spending the growing budget on them does not necessarily mean that the security posture of the company will improve. This may not solve most of the existential and strategic problems. Instead, they are now acknowledging the fact that their teams lack the right cyber security skills to deal with the new generation of threats. Hence, it is obvious that the lack of technologies or products is not to be blamed because whatever that exists, is not being operated effectively.

The prime reason for this is that the staff has never been trained in such a direction, neither a team or as individuals. Moreover, the staff never had to face a multi-stage attack. Moreover, they had never used technologies in a real-life scenario of an attack. Hence, responding to a shifting attack within minutes becomes increasingly difficult.

Today, a number of disparate tools are required in order to respond to security incidents. At the same time, an entire team is needed on the backend in order to collect and join puzzles, putting them together, and responding to the threat. Such teamwork needs multiple team members along with an external team, working in an orchestrated manner.

Yet, cybersecurity training is usually not taken seriously by many organizations. As an analogy, none of us would want to board a plane where the pilots only learned how to fly a plane through powerpoint slides. Then, why do we no give training the attention that it deserves.

Such an approach would also not work for practitioners of cybersecurity. This is something that we have learned repeatedly. Hence, it is extremely important to invest in the cyber range training so that the staff can have better expertise in handling complex security threats. Without this, the ever-changing new generation threats of cybersecurity could not be dealt with.