On Sunday, August 7, CompTIA participated in a meeting of the National Conference of State Legislatures’ (NCSL) Task Force on Cybersecurity, which was held as part of the 2016 NCSL Legislative Summit. The mission of the Task Force is to engage members in policy discussions and educate members on all things cybersecurity, including how states can combat attacks and the impact of this growing field on state workforces.
Seth Robinson, Director of Technology Analysis for CompTIA, spoke on a Task Force panel discussion regarding cybersecurity education and workforce development. The Task Force concentrated on how individuals can be trained to develop the right knowledge, skills and abilities to transfer into this growing segment of today’s workforce. As more individuals become trained for cybersecurity positions, we must work to cultivate common cybersecurity language and standards in education.
Mr. Robinson’s remarks concentrated on informing the Task Force of the five facets of modern security. CompTIA’s robust research team has seen the security industry change over time, with more individuals flocking to these positions. Burning Glass Technologies, a job market analytics firm, has reported a 72% spike in their primary security categories between 2014 and 2015. This prompted a review to determine how the industry is changing. Here’s what they found:
- Security is not just a side activity in technology strategy. CompTIA’s new IT Framework describes security as one of the four pillars of IT operations, along with Infrastructure, Development, and Data. The changes in the field, the digitization of enterprise, and the increasing cost of breaches drive specialized focus on cybersecurity. It is important to note, though, that security works in concert with the other areas. Overall technical knowledge is a baseline for advanced security skills.
- Security is not just about technology. Historically, security strategies have revolved around technology such as firewalls and antivirus to create a secure perimeter. Technology still plays a huge role, and more tools are being added (such as DLP, IAM, and SIEM), but modern security also relies on strong process management and user education. Processes such as risk analysis and compliance monitoring help businesses operate in a secure fashion, and user education improves the strength of the weakest link in most security incidents.
- Security is not just about prevention. The goal of the secure perimeter approach was to keep all attacks on the outside. With IT complexity growing and attackers becoming more capable, the likelihood of 100% prevention is very low. Detection is now a huge part of a security strategy, and companies need to build skills in detection and rapid response. One of the main challenges here is in understanding the many notifications that may come from different layers of security technology.
- Security is not just about defense. The shift towards detection is a first step towards proactive security tactics, but companies are starting to take this even further. As more stakeholders demand solid security practices, companies are performing audits or penetration testing to test their defenses. New metrics are being built for what constitutes good security, and companies will want to demonstrate that they have followed best practices when the inevitable breach occurs.
- Security is not just an enterprise game. As attackers find value in all forms of digital data, companies of all shapes and sizes have to be concerned about their security. The biggest segment that will have to change is the SMB sector, which has traditionally viewed its data as not worthy of attention. As these firms adopt new technology, they will also have to adopt better security practices. This will drive demand in some of the typical hotspots, but there will be ripple effects across the country.
The Task Force will next meet in December in Washington, DC.