Security Roundup: Retaining Cybersecurity Workers, Proficio-CyberSight, KnowBe4, F-Secure

With no end in sight to the cybersecurity skills shortage, organizations need to do all they can to make sure their cybersecurity workers aren’t pursuing other opportunities.

According to ESG’s latest research, based on a survey of 620 IT and cybersecurity professional across all industries in North America and Western Europe, more than half (51 percent) of respondents claimed that their organization had a problematic shortage of cybersecurity skills. That’s up from 45 percent in last year’s survey and 25 percent in 2015.

OmniNet’s Andrew Bagrin

Andrew Bagrin, CEO and founder of OmniNet and a member of CompTIA’s IT Security Community, tells us the shortage is “producing insecure networks.”

“You have to first put out the fire in the kitchen and then think about how to prevent kitchen fires in the future,” he said. “It’s been challenging to apply technology to fill the large void, but there are hopes that things like machine learning and artificial intelligence (AI) can reduce the needed humans to make the industry tick.”

More jobs are opening up and fewer people are available to fill them, said Raffi Jamgotchian, Triada Networks‘ president and chief technology officer, and CompTIA community member.

“It is even harder for smaller companies in the channel because we’re competing with top-tier consulting firms, government, military, and the largest firms, especially in financial services,” he said. “One difficulty is that many firms are looking for very specific cybersecurity skill sets which are nascent and there aren’t a lot of candidates doing it.”

In the meantime, a new report by (ISC)², a non-profit organization that specializes in training and certifications for cybersecurity professionals, reveals low numbers of highly engaged workers. Only 15 percent of respondents say they have no plans to switch jobs this year, while 14 percent plan to look for a new job and 70 percent are open to new opportunities.

(ISC)²’s Wesley Simpson

The report is based on a survey of 250 cybersecurity professionals within the United States and Canada.

Wesley Simpson, (ISC)²‘s COO, tells us about 21 percent of cybersecurity professionals are being actively recruited, saying “someone is reaching out to them on a daily basis.”

“So companies are having to create the proper environment that’s going to attract, retain and be able to hire these cyber professionals, he said. “These professionals … have a strong sense of a mission and they want to give back. They want to be able to really protect the organization, and protect their data and their people, and their clients and employees. And they don’t want to be bogged down with a whole lot of the HR and managerial type of duties.”

When asked what’s most important for their personal fulfillment, nearly half said salary is not the top priority, according to (ISC)². Also, more than two-thirds (68 percent) want to work where their “opinions are taken seriously,” 62 percent want to work where they can “protect people and their data, and 59 percent want to work for an employer “that adheres to a strong code of ethics.”

“They want an opportunity to really utilize and show their skills, and that the company has bought into it, that the company has a cybersecurity strategy, and is is investing in their employees and the latest technology, and in training and certification,” Simpson said.

The vast majority (85 percent) of cybersecurity workers would investigate a potential employer’s security capabilities before taking a job, and what they discover would influence their decision, according to the survey. More than half (52 percent) are more likely to take a job with an organization that takes security seriously, and two in five (40 percent) will work for a company that needs security improvements, it said.

“The channel partners, their role is really to be a trusted adviser and to become more important on the security front,” Simpson said. “With SMBs, they need to be able to offer …

… good advice and good solutions quickly. A breach at the SMB level can really be fatal.”

The organizations that differentiate themselves are the ones that can really attract and retain the right cybersecurity professionals, he said.

Swift Chip’s Kenneth May

“Partners can really use this advice to build out their teams because their clients need that security support,” Simpson said. “As long as they start looking at some of the different perspectives of what the job seeker is looking for and how [they] can apply that and employ them with in [their] organizations, that’s going to help set them apart from their other competitors or even bigger companies … because they’re starting to implement an attractive environment that focuses on what these job seekers are looking for.”

Kenneth May, CEO of Swift Chip and CompTIA community member, tells us the lack of workers is negatively impacting the channel by giving others a competitive advantage.

“Service providers are sometimes unable to fully service the needs of their clients, and must refer projects out to other vendors, potentially giving those a foot in the door to sell more services,” he said.

Proficio, CyberSight Partner for Enhanced Endpoint Detection, Response

Managed-security services provider Proficio is combining its managed cybersecurity services with CyberSight’s RansomStopper anti-ransomware software.

Proficio’s services provide clients with monitoring and alerting, vulnerability management and automated-response capabilities through security operation centers (SOCs) in San Diego, Singapore and Barcelona. RansomStopper uses proprietary technology and machine learning, including patented behavioral analysis and deception techniques, to detect new and existing ransomware and to protect against malicious encryption and file loss.

Hyder Rabban, CyberSight’s COO, tells us that partners may want to provide complete end-to-end monitoring and protection to their customers, and “they can propose either just Proficio MSSP offerings, just CyberSight anti-ransomware offerings or a combination of the two so the core infrastructure of the network as well as the endpoints (PCs and servers) are monitored and protected.”

The combination also provides opportunities for partners that either want to start selling security or increase their security offerings, Rabban said.

“For many partners, it is cost-prohibitive for them to build and staff their own security operation centers and to field-test the different combinations of advanced anti-ransomware products such as CyberSight’s RansomStopper,” he said. “This new combination of Proficio’s professional services and CyberSight’s anti-ransomware software, which operates seamlessly with Proficio’s ProSOC, can be made available to partners as part of their security services offerings to end-users.”

KnowBe4 Survey: Midmarket Under Ransomware Attack

Ransomware was a multibillion-dollar business last year, with the number of new ransomware variants continuing to grow quarter-over-quarter, according to the latest research by KnowBe4. Despite the many security offerings available, organizations continue to fall victim to attacks with an average of …

… 13 percent of organizations surveyed experiencing a ransomware attack and one in four (25 percent) experiencing an external malware attack.

KnowBe4 surveyed more than 500 organizations around the world to determine the impact a ransomware attack has on them. Midmarket organizations (1,000-5,000 employees) were hit the hardest with ransomware in 2017, with 29 percent indicating they experienced a ransomware attack. Organizations in manufacturing, technology and consumer-focused industries experienced the most attacks.

“While ransomware attacks are becoming more and more sophisticated, they are preventable,” said Stu Sjouwerman, KnowBe4’s CEO. “As the report shows, endpoint-protection solutions help protect against a material percentage of malware, but don’t actually put a stop to the threat. It’s only by adding continual testing and training of employees that organizations create their strongest security posture and see a material decrease in both ransomware and external malware attacks.”

The widespread, opportunistic nature of many attacks, mixed with an improvement in phishing-based social engineering, has led cybercriminal organizations to take the “shotgun” approach, targeting every business for whatever ransom can be paid, the company said.

F-Secure Wants to Help Partners Fight Advanced Cyberthreats

Through its growing network of channel partners, F-Secure is introducing a new managed endpoint detection and response (EDR) service designed to protect companies from targeted cyberattacks and advanced threats. Co-created with partners, the service offers partners a chance to “get in on the surging opportunity around managed EDR services,” the company said.

“Today’s stealthy, sophisticated attacks demand sophisticated approaches, because mere endpoint protection is not enough anymore,” said Jyrki Tulokas, F-Secure’s executive vice president of cybersecurity products and services. “At the same time, the urgent shortage of skilled cybersecurity specialists puts midmarket companies at a disadvantage when it comes to hiring. The answer is to use cutting-edge AI trained by F-Secure’s world-class threat analysts to detect advanced threats that have penetrated the network, and provide guidance to our partners on how to respond. With our unique combination of man and machine, midmarket organizations can have access to true enterprise-grade cybersecurity with trained local expertise, via our partners.”

Some 55 percent of incidents investigated by F-Secure’s incident response services are caused by targeted attacks, while only 45 percent are opportunistic. And more than ever, attackers are employing methods designed to evade traditional endpoint-protection technologies: Ponemon projects that more than one-third (35 percent) of attacks in 2018 will be fileless, up 6 percent from last year, and these attacks are almost 10 times more likely to succeed than traditional file-based attacks.