Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Prevention vs detection in light of the cyber skills shortage

Sean Duca, Vice President & Regional Chief Security Officer for Asia Pacific, Palo Alto Networks | Sept. 23, 2015
One key strategy to help ease the shortage of skilled cyber personnel is to apply a prevention-based approach in the workplace.

With improved business environments, new investment opportunities and the growing purchasing power of Asia's middle class, the Asia Pacific region is well-poised to grow at a faster pace than the rest of the world. However, better business and financial prospects attract malicious attackers who are keen to take their share of the pie through illicit means, thus making cybersecurity a very crucial business concern across Asia Pacific.

According to a survey developed by global recruitment consultancy firm Harvey Nash, 35 percent of Chief Information Officers (CIOs) in the region have faced a major cybersecurity attack in 2014, which is alarmingly 10 percent higher than the global average. This has resulted in many organisations increasing their IT budgets to invest in better cybersecurity systems and hire talented cybersecurity professionals to keep up with advanced persistent threats that have proven to be too sophisticated for legacy security solutions. However, the survey discovered that 71 percent of CIOs in Asia Pacific feel that they are unable to keep up with the pace of change and evolved cybersecurity needs due to a dire skills shortage in this space.

One of the key reasons for the skills shortage is the use of detection-based approach within organisations' security infrastructure. In this approach, the organisation sees alerts being generated to the IT team to indicate that a malicious activity is currently being attempted. These alerts require further management from the IT team, including rating the severity of the alert and determining the appropriate response required.

This decision-making process is time-consuming and requires high level of experience and talent to ensure correct next steps. Taking this approach creates a significantly different load distribution between what the security products can do and what is manually required of the security team, hence putting a heavy burden on the latter.

Having a skilled team of security analysts is therefore a prerequisite for detection-based security solutions to work efficiently. However, the required workforce to implement a water-tight detection-based approach is costly and hard to find. In fact, the Harvey Nash survey further revealed that over 59 percent of CIOs worldwide are facing issues of technological skills shortage.

Moreover, no security team in any organisation can expect to have the best professionals working all shifts, at all times. One has to take into account that advanced persistent threats are named so because they are persistent and with a detection-based approach solution, sooner or later the less-skilled security analyst in the team will get on the shift and may fail to interpret an alert correctly. This can cause many undesirable business problems such as loss of reputation and potential revenue and illegal access to sensitive documents.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.