Wednesday, September 20, 2017

Victim or executioner?

We can say that witchcraft is as old as the existence of man, and it is from the fourteenth and fifteenth century, when the "Holy Catholic Church" through the Inquisition, was devoted to the massive burning of women, accusing them of witches. The vast majority of these women only committed the sin of being emancipated women, who lived from the elaboration of home remedies. For many years, "witches" were the only ones who were in charge of the health in the small settlements, besides being the midwife who helped her children to come to the world. So, now with all this knowledge through the centuries, could we say that the witches were victims or executioners?

The cybersecurity problems faced by businesses are not unknown to most. Cybersecurity occupying headlines has become a daily reality. Even large companies receive attacks that they do not know how to manage, leaving exposed valuable information. Perhaps it is time to look at it from another point of view and stop giving companies the role of victims. In fact, perhaps they themselves are not able to manage all the talent they already have inside their walls.

A survey by (ISC)² to 3,300 professionals that widespread under-funding in training in-house IT talent is contributing to the critical cyber security skills gap.

There are many surveys. And about cybersecurity many more. This survey directly blames companies for the deficit in cybersecurity training. It asserts that the lack of skills in cybersecurity is due to a lack of funding in the internal training of the ICT department. More than 50% of professionals claim that their companies do not invest enough in ensuring that their employees are well-educated.

Companies expose themselves to cyber threats by ignoring and ignoring their professionals. The situation must be unsustainable for the employees of the sector 65% of IT workers reporting their security advice is not followed. Worse than not having the talent to deal with a problem is to have it in the house and not being able to see it. Because only 35% of IT employers agreed their security suggestions are acted upon. 

According to the results of this survey companies are even less able to deal with cyberattacks than they were a year ago. Asking the sector's own workers, 49% accuse the leaders of their companies of not understanding the necessary requirements about cybersecurity. Where the captain rules, a sailor has no sway. Awareness of the importance of cybersecurity in the upper ranks of companies is something that should have been long ago due to the current situation in the sector.

Companies consider themselves unable to attract great experts in the field of cybersecurity and over make the tremendous mistake of overlooking the talent they already have in their companies. One of the many advantages of this type of talent is that familiarization with infrastructures and processes makes possible a thorough critique of their strengths and weaknesses. But it does little good if you cannot see all these advantages.

The fastest way for businesses to protect themselves from cyber threats is through the continued education and empowerment of their IT team. Safety is a responsibility that should be shared across the company. But if the ICT department is not properly trained and is unable to apply the best security practices in all systems, even the best security plan may fail.

From CIGTR we want to praise the talent in terms of security. Within our companies we have great professionals of cybersecurity. It is the duty and obligation of companies to internally train these workers in order to deal with cyberattacks that increase in number and complexity as technology advances.


Post a Comment