Looking back at recent cyberattacks that have compromised company data and overall safety, we need to detect these attacks earlier and remediate them faster. While the dwell time between attack and remediation has dropped dramatically in the last 10 years, it is still not quick enough. For instance, the Colonial Pipeline ransomware attack emphasized the importance of improving our security posture for national infrastructure while identifying where organizations fall behind when protecting sensitive information. The SolarWinds and Exchange hacks have also enabled ransomware authors to more easily deploy ransomware, such as DoejoCrypt/DearCry, to vulnerable Exchange servers. This effort will enable the deployment of web shells on infected machines, potentially resulting in dire consequences since it allows attackers to execute arbitrary files on the system.
Recovery from these types of attacks will be difficult and very costly but could be prevented with the right computer network defense (CND) architecture and, more specifically, the proper cyber education and training. These breaches not only require a complete overview of current security measures, but an expanded outlook on how to train future generations of cybersecurity professionals to prevent similar attacks.
Evaluating Today’s Security Environment
The threat landscape is expanding as hackers continue to exploit the global pandemic by preying on vulnerable remote workers and overtaxed IT systems. It is crucial that businesses, enterprise systems and critical infrastructure are protected through this ongoing crisis, and we need a strong cybersecurity workforce to accomplish this.
According to a 2019 (ISC)2 Cybersecurity Workforce Study, the current cybersecurity workforce needs to grow by 145% to meet global demand. Fortunately, this year’s crop of cyber graduates has already demonstrated their work ethic in a virtual environment under unprecedented circumstances. Many of them have sought jobs in cybersecurity during their summer breaks and have seen attacks firsthand. What sets them apart from their more tenured counterparts is that they have experienced and successfully performed while facing real-world threats even before earning their degrees.
In the coming years, it will be key to support these individuals in order to meet the anticipated skills demand. We face a scarcity of cyber talent, and the answer has to be more than just bidding wars for the same pool of people. We need to develop the skills of individuals from all backgrounds, traditional and nontraditional, who are curious and think creatively. With the continued shift to remote work, it means we have to be even more intentional in our talent development efforts, fostering a love for cyber at all ages and across industries.
Lessons in Communication
U.S. government agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA) and groups including the Multi-State Information Sharing and Analysis Center (MS-ISAC), are helping the nation understand and manage the cyber and physical risks to our critical infrastructure. Recently, the DHS directive for pipeline cybersecurity mandated all critical pipeline operators comply with multiple cybersecurity measures. Cyber graduates entering the workforce must be able to articulate what these guidelines mean, how an attack might happen, and what can be done to resolve potential issues. This is a conversation that needs to happen with C-suite executives, and corporate boards as well.
Given the escalating number of attacks on major corporations in recent years, boards of directors are now becoming more involved with cybersecurity measures. Knowing this, cyber graduates that can clearly communicate such intricate guidelines stand out among their peers and many seasoned security experts. These directives, executive orders and compliance guidelines promise to grow and change as cyberattacks evolve, and they will need a trained eye in order to understand and enact such commands.
Staying Involved
Engaging with local communities and leveraging training in-house can lead to successful recruitment, training and retention of top industry talent – even years down the road. With this in mind, organizations should consider how they can become more involved in the community around them, encouraging youth to pursue technical career paths. For example, the Boys & Girls Club Centers of Innovation, located on military bases across the United States, introduce young people to high-demand jobs in cybersecurity through hands-on STEM activities. Similarly, Girls Who Code Summer Immersion Program teaches high school-aged girls the computer science skills they need to make an impact in their community while preparing for a career in technology. Investment in such programs is crucial to the future of the cybersecurity industry.
Tech executives, academics and government leaders must also offer work experiences and competitions to attract and engage our future cyber workers. It is during real-world breaches where cyber defense skills are really put to the test. Simply put, learning is not the same as doing. In competition, teams are forced to think on their feet and identify solutions under pressure. Students can experience this type of problem-solving and quick collaboration during competitions like the National Collegiate Cyber Defense Competition (NCCDC), where participants operate and manage a network infrastructure similar to those run by commercial businesses. Scoring is based on their ability to minimize system infiltration, keep critical services in operation and prevent sensitive data leaks – all important aspects of a cyber professional's career.
With the ongoing expansion of threat surfaces, organizations – regardless of industry – need to have a cyber-first mindset. This will require offering students of all ages the opportunity to learn in real-life situations and give them an advanced skill set that may set them up to be the top candidates for hire at the world’s biggest tech companies and in the public sector. It is not just about limiting downtime, keeping firewalls up or creating tickets – it is a combination of all those things with the added challenge of time constraints and the need to communicate effectively.
It is time for organizations to prioritize investments in key opportunities that allow future cyber professionals to witness what a career in cybersecurity really requires – a constant vigilance against data breaches that threaten the safety and livelihood of so many.
