Evolving Cybersecurity Threat Landscape Shifts Hiring Patterns Toward Specialization

April 6, 2017

The conversation around allegations that Russian hackers stole data and thousands of emails from the Democratic National party during the ramp up to the recent election is only escalating. Whether this claim is proven, it certainly shines a spotlight on the emerging types of nation-state and other malicious threats faced by businesses, individuals and even governments. We had almost become accustomed to hearing about hacks of financial institutions, retailers and even Fortune 500 companies, but these recent allegations take the need for truly actionable intelligence to a whole new level.

The question is what can the information security industry do to manage this ever-changing threat environment? Industry experts have been pondering this same question. And as they formulate their answers, it’s having an effect on the type of information security professionals being hired and how they spend their time and apply their expertise.

While the shortage of cybersecurity staff continues, many enterprises are now looking for less volume and for more specialization. Cyber-attacks are coming from all over the globe and are aimed at endpoints and users all across the enterprise. And in many cases, the cybersecurity generalist can only take things so far. Companies need specialists who know their environment and who are well-versed in the threats aimed at that environment. That approach is what recently led a leading automobile manufacturer to develop a specialized division to concentrate on vehicle cybersecurity for their next generation of vehicles.

This “threats everywhere” environment is leading to another shift we can expect to see in the coming year: the use of Business Risk Intelligence (BRI) across multiple business units of the company. BRI takes the intelligence gathered from the cyber domain and relates it to the many business functions that make up the enterprise. And in doing so helps educate the leaders of those business units on the security threats they face and helps alleviate the burden of identifying, preventing, and reacting to those threats. This approach truly turns cyber intelligence into a tool for making better decisions all across the company.

And while today’s security information and event management products offer lots of automation, companies are recognizing that there is now more than ever a need for “eyes on the glass.” Companies are starting to realize – or realizing once again – that as cyber threats gain in frequency and sophistication, it really is the human analyst who can cull down security events to effectively gauge the ongoing threats to the organization. And they’re beginning to hire those “eyes on the glass” type of security folks.

As you can imagine, all this specialization and manpower really does impact the budget as the budget gets larger and larger to keep pace with the increasing threat environment. One way companies are attempting to keep their budget in check is to automate as many security operations as possible. In most cases, in-house automation must be done by in-house personnel so companies are hiring more dedicated developers to handle security automation.

On the flip side of all this are the companies working to develop security products. They know that the threat is evolving, security departments are often under-staffed, and understanding their product is the key to a sale. So they’ve begun to hire the traditional threat intelligence analyst and to put them to work as a sales engineer or solutions architect. Their role is to help prospects understand their security product and how best to use the product to have an impact on their company. I guess you could say we’ve come full circle when the analysts who were in need of the product are now helping to sell the product.

It’s hard to imagine a cybersecurity threat more intriguing and potentially having more impact than the alleged hack by the Russian government. But the one thing the last 10 years have shown me is that the threat landscape is continually changing and that most likely will not change any time soon. And in order to win this game of security cat and mouse, companies must continue to assess their hiring practices and tweak them to keep pace with the hackers of companies, individuals and now governments.

Chris Camacho is the Chief Strategy Officer at Flashpoint.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

Evolving Cybersecurity Threat Landscape Shifts Hiring Patterns Toward Specialization

Related Articles

Related Products

Report Abusive Comment