Categories
DSI challenges IT Decision-makers

Finding security experts in the COVID-19 crisis: a major challenge for IT departments

How to find the good security experts? About a third of the world’s population is estimated to be currently under confinement to stop the spread of the novel coronavirus. As a result, businesses across the globe are resorting to remote work to continue operations in those areas where that is possible. This is adding unprecedented amounts of stress to already understaffed IT departments. 

CIOs and other IT leaders find themselves racing against the clock to adapt the whole company’s infrastructure to a work-from-home scenario while tackling their biggest concern: cybersecurity. And for good reason – threats are increasing exponentially. 

But assembling the right security experts & security team is proving even more difficult than it usually is already. 

Security threats give no quarter  

Hackers are certainly not going to close shop because of a tiny microorganism. If anything, they are using it to their benefit. For instance; phishing emails; were already the most common form of attack experienced by organisations. But the past days have seen a great surge in attacks trying to lure employees into clicking on an email sent by “their boss” or containing virus-related information.  

Among the most reprehensible of attacks are those being experienced by health and medical institutions. Not even the World Health Organisation was spared, targeted earlier last month by a false-domain attack aimed at stealing passwords from agency staffers. The situation is so dire that a group of 400 security experts from international giants like Microsoft and Amazon has volunteered to fight hacking tied to the coronavirus.  

Yet that is not the main issue. The pressure being put on enterprise networks is quickly revealing system vulnerabilities. And especially for those companies least used to distributed work and that rely too much on local networks. In short, the soaring numbers of employees working from home are finally making most decision-makers aware of what IT leaders have been warning us for a while. The business world’s generalised lack of a comprehensive security policy and employee awareness training.    

Although effective measures like VPNs have gained adoption in recent years, problems generated by shadow IT and BYOD remain largely unresolved. Many staffers will be accessing company resources through their personal devices and networks in the coming weeks. Multiplying exponentially the potential points of entry for attackers.  

Experts are becoming even harder to find 

In turn, this increase in cyberthreats is exacerbating the skill and personnel shortages the security sector was already experiencing. According to a recent study by ISC, the global security industry lacks more than 4 million security professionals. The world’s security workforce would need to grow 145% yearly just to meet the demand for skilled talent.  

The shortage of skills impacts some of the most critical roles within IT security. Such as those related to identifying threats or patching and updating vulnerable systems. However, the deficit is more acute in areas tied to rapidly emerging or evolving technologies. For instance, and in this WFH crisis more than ever, security in multi-cloud environments is key. Unfortunately, few organisations have dedicated cloud security experts or proper encryption protocols for their data in the cloud.   

Not surprisingly, the cost of security expertise has also become a problem as the lack of skilled talent drives wages up. And so the vicious circle goes.   

Hire or outsource? 

With everyone battling over the same security experts. Defining a solid talent strategy and identifying the right partners can make the difference; between a multi-million breach and your department’s success.  

Regarding your talent strategy, you first need to decide whether you want to expand your team or rely on the temporary help of consultants. If you had been planning on bringing more people on board for some time, this might be the perfect time to create new permanent positions or fill vacant ones.  

On the other hand, calling on a freelancer will most likely allow you to speed up the selection process and provide a quicker response to the crisis. Working with an independent contractor can also help you secure exactly the skills you need at a more competitive cost. As the freelance talent market tends to be more agile and flexible. 

No matter which option you are leaning towards, don’t hesitate to seek the guidance and help of talent experts. Time is of the essence in the cybersecurity wars. Partnering up with the right IT staffing specialists will not only allow you to access the best talent; it will help you secure it before another company closes the deal.  

Need Extra IT Support? Avoid Mistakes When Hiring Tech Freelancers


Join our community and find your next job or expert in IT


By Mindquest

Mindquest Connect offers you a collection of articles and innovative content for recruiters and IT professionals.

Leave a Reply

Your email address will not be published. Required fields are marked *