“There will always be an asymmetry between the attackers’ capability and the defenders as to protect a system you need to cover all the vulnerabilities, all of the time,” says Piers Wilson, director of IISP, the professional body for security professionals. “But budgets are finite; whereas to mount a successful attack you only have to find one exposed weakness and you can be as patient and spend as much effort as you feel is worth while.”

 

Education

 

Education is key both with academia and universities as well as within industry itself. This means keeping board members up to scratch as well as constant retraining for IT staff as technology and potential threats are changing all the time.

There are various options open for cyber training. “They range from formal courses comprising quick overviews to specific courses, to product and technology courses to full-time MSc programmes,” says Wilson.  “It’s also an industry that generates a huge amount of research and white paper material so training aside there is no shortage of materials available for self-learning too.  Which of those fits a particular organisational or individual need is a matter for debate. At the IISP we have been active in setting standards and running a training course accreditation and assessment programme to allow people to select those courses we can vouch for but to also know what topics areas they cover.”

The steady march of technology means that in IT everyone is always learning - 10 years ago the technologies and hence the attack vectors were different but now there are superior platforms, security controls and working knowledge of facilities. “Some areas can afford to take a more considered path, developers for example might only migrate from one language to the newer/next one once they feel they have understood it,” says Wilson.  “On the other hand if a new security threat arises tomorrow the cyber security industry is immediately playing catch-up to understand it and be able to detect and respond.”

 

The Future

 

The challenges are not set to go away. “There are some developments around machine learning and anomaly detection where smart technologies can identify and diagnose threats and the logical next step for this is to see what systems can do to automate responses in a confident and safe way,” says Wilson. “They are making security more efficient by removing the noise, distilling down the data to make decisions and enabling swift action that is consistent, repeatable and allows the business to react more quickly.  This frees up time for other activities that improve security, like hunting for threats that are not yet apparent, improving the overall security posture and training and development.”