BreachExchange mailing list archives
Data Breach Prevention Concerns Raise Demand for Security Personnel
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 5 Feb 2015 18:18:30 -0700
http://www.midsizeinsider.com/en-us/article/data-breach-prevention-concerns-raise-de#.VNP4553F-So Data breach prevention concerns continue to be a priority for midsize businesses. With any network-enabled device now a potential target for cybercriminals, many IT professionals face hard choices: Bring in more staff, or create restrictive access policies? With the number of available IT security pros no longer meeting demand, managed service providers (MSPs) have the chance to attract midsize interest and prove their worth. Demand Up, Firms Still Vulnerable 2015 will likely be a banner year for IT security hiring, according to BankInfoSecurity. As the article notes, staffing firm Dice saw a 69 percent jump from January 2014 to January 2015 in the number of job postings for cybersecurity or information security professionals. That unceasing demand coupled with the development of new technology initiatives such as the Internet of Things has led to a personnel shortfall: There are simply not enough experts to meet demand. In response, some midsize companies choose to spend whatever is necessary to hire new security staff, but this can be a time-consuming and intensive process. Others opt for stricter access controls in the hope that data breach prevention can be achieved through employee education and intelligent network use. However, the widespread use of third-party, open-source code and insecure, network-enabled devices means that determined attackers may still find a way through. While security demands are going up, defenses may be left without sufficient staffing and in the face of advanced threats. The MSP Security Vertical MSPmentor lists several common threats to midsize businesses: bad security basics, zero-day vulnerabilities and expert cybercriminals. Ninety percent of data breaches that occurred in the first half of last year were preventable, according to Online Trust Alliance information featured in the article. Many of these breaches were devastating because companies failed to adopt security basics such as strict internal controls. As for zero-day vulnerabilities, malware research firm Kafeine discovered one in Flash that lets attackers plant malware and take over computers. With midsize companies struggling to handle multiple threat vectors and without the requisite security personnel, MSPs have the opportunity to act as the new security vertical. In addition to more common services such as hosting, storage and disaster recovery, bundling in cutting-edge security protection is a way to allow midsize businesses the ability to tap professional protection without overspending or waiting for the ideal candidate. This puts the burden of security compliance onto MSPs themselves. This involves more of a slow build than a flashy fire sale — focusing on the basics first and then expanding as needed to fill customer demand. Midsize companies are struggling with data breach prevention and the scarcity of IT security talent. MSPs can solve both problems with the right set of cybersecurity services and solutions.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Data Breach Prevention Concerns Raise Demand for Security Personnel Audrey McNeil (Feb 10)