• Qualified talent is essential to boost the cybersecurity sector
• Cybersecurity specialists can come from different academic disciplines; they don’t need to be engineers or systems experts
• Taking care of cybersecurity has become a key factor in brand reputation and user confidence

In 2017 alone, the CNN-CERT (Spanish Acronym for “Incident Response Centre of the National Cryptological Centre” at the CNI) dealt with 26,500 cyber incidents, which meant a 26.55% increase from 2016. This increase reflects the delicate situation in which companies find themselves and the pressure to protect both public and private entities from these types of online threats.

The cost of cybersecurity is increasing exponentially for companies. The rise of “cybercrime as a service” and the increase in hacking tools and services that were previously only accessible to a few have blurred the profile of the classic cybercriminal making it possible for virtually anyone, attracted by the high economic return and ease of cyberattacks, to have access to them. To make matters worse, the lack of qualified candidates in IT security is added to this situation. Companies are exposed to more risks since their control and response capacity is limited.

On February 20 we held an exclusive Cybersecurity breakfast event, and we had the pleasure of having Adolfo Hernández, deputy director and cofounder of THIBER, a cybersecurity think-tank research centre specialized in cyberspace protection, and Head of Advanced Cyber Defence at Sabadell Bank.

We focused on the topic of “How to make the most of the digital economy by managing corporate digital risks”. The conclusions we drew have defined the main trends and the challenges of the cybersecurity sector today:

• Identify, attract and retain talent

One of the main challenges for companies when tackling cybersecurity threats is to first be able to identify, attract and retain talent. According to Adolfo Hernández, Spain is a specialized talent powerhouse in this area and has become a leading destination for cybersecurity offshoring. This is demonstrated by the creation of different cybersecurity hubs in large multinational companies and the existence of a growing regional business network that offers quality services at competitive prices.

According to a study by ISC2 (International Information System Security Certification Consortium), by 2022 there will be a shortage of 350,000 cybersecurity professionals in Europe. It has been stressed that extensive prior technical experience should not be a barrier to entry. In fact, not all cybersecurity profiles have to be engineers; other figures such as political scientists and criminologists are also required to help understand the motivation, economic model and profiles behind cyberattacks.

• Confidence in CYBERSECURITY

Cybercrime is the fastest growing crime and has a huge impact on consumer confidence in the digital market, as Adolfo Hernández explained to us. Cybersecurity has become an essential factor in measuring the confidence consumers have in a company. The news that Moody’s is already studying how to build the cyber risk that a company has into business credit ratings is really driving home the fact that a cyberattack goes beyond being an economic problem; it can become a serious reputational problem.

• Hyperconnectivity and Cybersecurity

Hyperconnectivity stands out as one of the biggest obstacles to cybersecurity. The Internet of things means that a cyberattack can affect several devices (mobile phones, Smart TVs, connected vehicles, security cameras…)

The digital population has increased by more than 366 million users in 2019 versus January last year. More than 3.2 billion people are active Internet users who don’t limit themselves to just one device; there are millions of objects connected through the Internet of Things (IoT). Therefore, the more connected we are, the more we are exposed to risks.

• Disparity between those who protect and those who attack

The relationship between the cybersecurity professional and the cyber attacker is significantly imbalanced. Those in charge of protecting companies have to deal with different tasks on a daily basis that have nothing to do with the objective of defending against all possible attacks; such as dealing with audit departments, limited budgets, lack of corporate awareness, lack of specialised talent and regulatory compliance. On the other hand, the only task the attacker has is to find a vulnerability to attack: this is a complete imbalance. At The Valley Talent, we consider it essential that companies have the ability to identify qualified talent and integrate them correctly into their corporate structures. This way, they are better equipped to respond to cyberattacks.

Companies that attract and retain the best talent in this sector will develop cyber capabilities to securely face the digital challenge. The challenges at hand are to make cybercrime less profitable and combating it an even fight.

The latest Risk Report from the World Economic Forum ranked cyberattacks and data theft as two of the five main risks. According to this report, the cost of cybercrime to companies in the next five years could reach 8 billion dollars.

Every entity that has an online presence, generates information through its business activity, or whose systems are hosted in the cloud is exposed. Luckily, organizations are beginning to realise the need to develop a plan that minimizes the risks and impact of a security incident. The enormous repercussions of events like the one that happened last year with the ransomware “Wannacry” macro attack have set off alarm bells.

Cybersecurity profiles are playing a fundamental role in organizations and are supporting the creation of new teams from managerial positions.

Among others, the most in-demand cybersecurity positions are: Ethical hacker, CISO, CSO and DPO. Different types of professionals responsible for managing this issue are:

• CISO (Chief Information Security Officer): Responsible for aligning the cybersecurity strategy with the company’s objectives. In charge of establishing security policies based on the activity of the company and setting up the necessary measures and controls.

• CSO (Chief Security Officer): Responsible for the internal security of the organization. Establishes continuity plans, has a complete vision of the business, is up to date with regulatory changes, knows the possible risks in cybersecurity, etc..

• DPO (Data Protection Officer): Has a legal and regulatory compliance profile and, according to the new European Data Protection regulations, will be a mandatory position in Public Organisations and in certain private companies.

• Security Analyst: In charge of detecting any possible technical vulnerabilities in the company’s computer systems and networks.

  Security Architect: Responsible for designing the prior cybersecurity architecture to ensure all developments in the environment are secure.

• Ethical hacker: Up to date on the techniques used by cybercriminals. Tests companies’ security systems to analyse potential hazards and thus solve them.

• Forensic Specialist: Specialises in performing thorough postmortem analyses of systems and networks after a security or cyber-attack incident.

• Incident Specialist: Responsible for coordinating activities should security incidents occur and is responsible for activating the control plan so that the teams work in alignment and that incidents have the least possible impact.

• Head of intelligence: Expert in detecting and analysing external threats to protect the company’s reputatio

What skills are necessary? Although the skills will vary, generally speaking, we can say that cross-cutting knowledge, great analytical skills, and knowing how to work under pressure are required. At the technical level, they must be able to draw up plans to safeguard computer files; be proficient in the management of different operating systems, networks and programming languages; implement cryptographic protocols and security tools; analyse and detect threats and develop techniques to prevent them; know the current regulations and have a good command of malware analysis, among other capabilities.

How can these profiles be integrated into the organization? Depending on the size of the company, these professionals will be integrated differently. If they are hired internally, they are usually placed in the IT, Systems and Cybersecurity or R&D departments. However, they must always work closely with management and have a generalised approach that takes the other departments in the organization into account.

Internal training is of high importance. According to the latest data, more than 90% of security breaches are caused by non-compliance of the protocols by staff. That’s exactly why certain basics that protect the security of the company must be put into place: the identity of anyone who requests information must be confirmed; strong passwords should be used; the saving of sensitive company information on hard disks should be avoided, the installation of programs from unknown sources should be prohibited, antiviruses on computers must always be updated…

Take out a cyber insurance policy. Many insurers offer cyber risk insurance as a solution to possible threats. They usually cover both the damages to the company as well as the economic damages that may be caused to third parties or to the employees themselves. Of course, to be able to take one out, a certain level of security must already be in place.