Infosec Security News

Cybersecurity, Cloud Skills: Key to Companies’ DT

COVID-19 pandemic has sped up digital transformation then we could er rate. This includes many companies’ embracing of cloud platforms and remote work—technology at a rapid pace. If you’re a technologist (or an aspiring one), you need to stay constantly on top of developments within your specialization, whether cyber security, cloud, or machine learning.

But what aspects of this digital transformation are companies choosing to embrace? And what skills do you need to take advantage of that?

Cybersecurity in All Forms

Mike Engels, principal consultant at Chicago-based strategic consulting services firm Netrix, said his clients are focused on using digital transformation projects to support team members who are now mostly working remotely.

“Companies are looking for people with mobile device management, and SSO skills, because those are toolsets that are let team members get secure access.”

Mobile device management and remote access, in turn, fold into the larger issue of cybersecurity. Indeed, Engels sees cybersecurity as a major stumbling block for companies, which have a growing need for cybersecurity engineers who can configure security components that help with endpoint security, server security, and intrusion detection.

While buzzword technologies such as artificial intelligence and machine learning have been companies’ recent focus, Engels thinks those have gotten pushed to the backseat because of higher-priority items such as cybersecurity, where people are still investing heavily: “While machine learning is still something people are investing in, I’ve seen a lot of people put projects off because they don’t have the budget for it at this time.”

Steve Durbin, MD of the Information Security Forum, a London-based specialist in cybersecurity and risk management, said his organization continues to see a skills gap when it comes to cybersecurity professionals: “Increasingly, lockdown has driven us all online and the training industry has been somewhat slow to respond with engaging, practical training supported by skilled practitioners who can share their expertise.”

Durbin said “Organizations can either adopt an attitude that says we will work with the rich skill sets that are available and provide the security components by online training, apprenticeships and practical skills transfer through mentoring schemes or they can sit back and wait for the perfect candidate to come along some time maybe never,” he said.

The Cloud

Another cloud-related technology where Engels is seeing companies make investments is information governance and rules, which help his clients securely, transfer data to the cloud.

“Changing office dynamics have greatly increased cloud service adoption,” agreed Brendan O’Connor, CEO and co-founder at AppOmni, a San Francisco-based provider of Cloud Security Posture Management (CSPM) for SaaS.

Because of the needs related to the pandemic, O’Connor noted, technologists had precious little time to ramp up cloud services as employees shifted to remote work. “This has resulted in a severe shortage of IT staff skilled in various cloud services,” he said. “The rapid shift to the WFH model has also increased the workload across all IT staff.”

Even for technologists well-versed in cloud services, the rapid speed of digital transformation has caught some of them by surprise. In order to handle additional workloads, many have turned to automation and other tools. “With the employee location and devices under constant flux, organizations will rely on the consistency and security of cloud service applications,” O’Connor said. “IT workers should look to the management and security of these SaaS applications as the new skills and technology to embrace.”

Mohit Tiwari, co-founder and CEO at Symmetry Systems, a San Francisco-based provider of data store and object security (DSOS), also noted that, because COVID has accelerated organizations’ digital transformation, the ability to set up workloads in the cloud that meet compliance and security needs is in demand.

“Part of the reason is that the workloads that had resisted moving to cloud were exactly the highly regulated ones, and the forced move out of on-site data centers managed by IT staff is driving up demand for cloud-based compliance and security skills,” he said.

Tiwari said there are “massive opportunities” in deploying and managing workloads in the cloud, cloud-based security and compliance, as well as learning enough programming or data science to automate domain-specific problems.

These include learning to work with cloud-native identity and access management (IAM), large scale log analysis and alerting techniques, NIST and similar compliance frameworks, and broadly learning to manage infrastructure through structured programs, instead of shell scripts pieced together.

“As networks and application tiers become ephemeral, the most important persistent asset for any enterprise will likely be their own and their customers’ data, so data security on the cloud will be a major theme going forward,” he noted.

(Image Courtesy: www.cybrary.it)

Leave a Comment

Your email address will not be published.

You may also like