IT Security: Survey Says Need for Virtual Soliders Growing
Recent survey data from research company Aberdeen predicts that the need for trained IT security personnel will rise sharply in the next few years as companies deal with increasingly complex threats and the desired skill set for midsize IT pros begins to shift. This presents challenges for companies girding against what some experts describe as a "virtual war"--a battlefield filled with ambitious cyber criminals and ambitious governments.
Preparing for Change
As reported recently by Marketwire, Aberdeen's three-part series examines the changing security landscape now faced by business IT. Using data gathered from more than 100 organizations, the survey found the growth of software-as-a-service (SaaS) deployments will lead to a shift in needed IT security skill sets and an increased need for professional certification. In addition, security pros with "softer" skills--such as communication, crossdisciplinary expertise, and negotiation--will be preferred over traditional IT admins. Aberdeen also found that company needs may begin to outstrip the pool of available candidates, especially as industry experience and specific technical skills become crucial in defending against security incursions.
For midsize companies, the ultimate goal is to train a set of IT "soldiers" able to wage virtual war on cyber criminals and hackers. How best to fight this battle, however, is still up for debate.
Both Sides of the Coin
According to a recent ITPro article, military experts are split on how a company should wage this war. Some, like former U.S. intelligence officer Bob Ayers (now of Glasswall Solutions), argue there's no need to strap on a cyber sidearm just yet.
"The question of whether an enterprise should 'go to war' against cyber criminals suggests a basic lack of understanding of the problem," he says. Ayers warns against taking aggressive steps against an attacker, especially if it crosses the line into vigilante justice. Lieutenant Colonel Chris McIntosh, meanwhile, says that "to an extent, enterprises have always been at war with cyber criminals: It's just that they didn't realize it." As a result, companies need to adopt a defensive IT security posture.
With cyber attacks more complex than ever--far beyond the disgruntled hacker or technically savvy single criminal--admins must, at the very least, start anticipating incursions and fortifying their "base" against potential damage. To do so, they need a set of professional, highly trained personnel.
Virtual and Virtuoso
Midsize companies need to do everything they can by securing resources, locking down all obvious entry points, and tightly regulating access. But finding--and sealing--unexpected weak spots is a job for highly trained IT security pros. As Aberdeen's data shows, the emerging cyber war needs an expert human touch in addition to aggressive security automation. Midsize companies, therefore, should anticipate challenges in finding and hiring the right IT pros as the protection market matures, but they will receive significant benefits from their expertise.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.