Tackling cyber security from the top down
28 September 2018 | 0
Today’s cyber threats can be broad-based combinations of human and technological elements that require layered defences and awareness.
The personnel required to combat these threats are not just technologists, they are multifaceted professionals with deep sectoral knowledge.
At the Technology Ireland ICT Skillnet conference on cyber security, renowned expert Brian Honan, founder of the Irish Reporting and Information Security Service, will describe the current threat landscape, illustrating how a broad-based skills initiative can help to reduce the impact of cyber crime.
Addressing the issue of cyber crime and the patterns of threat actors, head of the Garda National Cyber Crime Bureau, Detective Superintendent Michael P Gubbins will show how criminals are drawn to the most lucrative opportunities, large or small, along the path of least resistance. With advice on making your organisation the least attractive target, Detective Superintendent Gubbins will talk about how less than 5% of cyber crime is actually reported, here and how “ransomware is rampant”.
IBM Watson Talent security expert James B Alvilhiera will argue that building from within can be the most effective strategy for tackling the cyber security skills gap.
Rather than trying to fill vacancies with new hires, Alvilhiera argues, solving cybersecurity talent shortages with internal mobility is as a more viable option with better long-term returns. People from non-technical and non-cybersecurity backgrounds could bring new perspectives to what is as much a people problem as a computer one, he contends. Bringing people with broad business backgrounds into the security team strengthens team performance.
The concept of lateral mobility is being replaced by the concept of career constellation based on experience, exposure, education and environment. Alvilhiera is a leading thinker in this space and will highlight successful examples of the concept working in practice.
Cyber defences are not the only area being overtaken by the developing wave of cyber threats.
Higher education too faces many challenges in keeping pace with the rapidly changing technology-dependent industries. Richard Harpur of Pluralsight will focus on the cyber security industry and show how many higher education institutions are adapting to address the needs of businesses for a skilled graduate workforce, to a great extent, leveraging the power of e-learning.
The conference programme also features security workshops for the curious and those looking to get a taste of cyber defence. There will also be a risk assessment workshop that will explore the issues and use a structured tool to enable participants make an initial assessment of their cybersecurity preparedness. It will examine areas such as cloud security and business continuity management after a breach, down to issues like Passwords, Patching: Phishing, Protecting against Ransomware and Malware, Device Configuration, Back-ups and having an effective Business Continuity Plan.
The aim is to help participants identify any weakness in defensive strategies and operational procedures, and to maximise the chances of effective recovery from a disaster.
This free conference will also launch the Cyber Security Skills Initiative (CSI), which provides a means to cross and upskill for IT professionals, as well as providing a trusted basis for organisations to hire a qualified cyber security officer.
Places are limited and registration is required.