Connect with us
Finance Digest is a leading online platform for finance and business news, providing insights on banking, finance, technology, investing,trading, insurance, fintech, and more. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

TECHNOLOGY

 

By Dave Waterson, CEO, SentryBay

There is a growing demand for skilled cyber security staff and, it seems, a lack of candidates. Where are they all? The truth is that the pandemic shook up the labour market and many executives at all levels and across all departments have moved on, including those in security. 

According to ISACA’s recent State of Cybersecurity Report 2022 which is conducted annually amongst security professionals around the world, any positive effect that the pandemic had on retention in 2020 had worn off a year later. As a result, 63% of respondents had unfilled cyber security positions, an increase of 8% over 2021. An additional 62% said they had understaffed cyber security teams, and a fifth reported that it was taking more than six months to fill open positions. This reflects what we at SentryBay have observed in the marketplace.

It’s not just that talent seems so hard to find, but that organisations have not kept up with the changing expectations of the cyber security workforce. The pandemic brought about a change in attitudes with many employees keen to see an improved work-life balance. Flexible working arrangements are now expected by staff, but for companies, a return to the physical office is preferred. On top of this, and against a backdrop of increasing food, retail, energy and petrol prices, higher wages are in demand. As the requirement for talent increases, candidates are using this situation to gain leverage, and if the job spec doesn’t suit them, they can afford to look elsewhere.

The battle to solve this problem is being fought on two fronts. The first is to adjust traditional approaches and increase transparency during the interview process to ensure the expectations of both the candidate and the company are aligned. The second, however, is the looming worry of remaining cyber secure in the absence of a fully staffed and qualified team and a rapid escalation in attacks

Financial services companies must shore up their systems

Considering that, according to some reports, cyber criminals are 300x more likely to target financial services providers and businesses than any other industry, the need to shore up these systems and services has become acute. Now is the time to look at implementing cyber security measures that can deliver comprehensive protection for applications and data, regardless of where employees are working, and which can be automated to give the entire company protection quickly while demanding the least from time-strapped security teams.

One of the main vulnerabilities is the endpoints being used by employees, from laptops and mobile phones through to tablets, IoT devices and desktop PCs. In physical offices these are usually secured through strong corporate protection, but in today’s more flexible working environment, devices are as itinerant as their users. It takes only one unsecured endpoint connected to the corporate network – in the office or remotely – to open a gap which, if compromised, can lead to a cyber attack. 

Unfortunately, standard security measures are not enough, even if they combine antivirus, internet protection and endpoint detection and response (EDR). They were not designed to manage remote devices, and that combination of solutions will identify less than 50% of the attacks that are occuring today. 

If enterprise cyber teams are being forced to prioritise their efforts, endpoint security is a great place to start since they are so often the favoured access point for cyber-attackers who use the keyboard and screen as the attack vector to steal sensitive data. 

Kernel-level keyloggers, for example, bury into the system silently and sit at a low-level, harvesting keys that are tapped onto the keyboard. Obviously, the benefit to the keylogger is from grabbing passwords, security details and other sensitive data which they will later use. 

Screen capture attacks work in a similar way, tracking and capturing personal details as they are displayed, putting at risk the data held within applications. Some financial companies advise their staff to use two-factor authentication, deploy complex passwords and update them regularly, but the risk remains to information held within applications. 

What organisations most benefit from is a fortified environment that allows employees, both in the office and working remotely, to securely connect to their network. And it is not just the benefits this kind of environment provides against cyberattacks, but in ensuring they comply with industry regulations, international laws and local guidance. 

Winning the battle on the cyber front

Looking again at the ISACA report it is possible to see a correlation between staffing levels, retention and cyberattacks – 69% of respondents whose organisations experienced more cyberattacks over the past year said that they were somewhat or significantly understaffed. 

Solving this problem by finding and keeping new, highly qualified security talent, is the answer, of course, however it is likely to take some time and a new approach to cybersecurity investment. Meanwhile, security teams need bolstering with the use of dedicated solutions that are designed to minimise management, maximise automation, and deliver protection where it is needed most, at endpoint devices.  

 

Continue Reading

Why pay for news and opinions when you can get them for free?

       Subscribe for free now!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Posts