Tech,Space,Gaming, and Science Fiction News to wet your whistle
The Cybersecurity Skills Gap: An Update for 2020
The gap in trained, experienced cybersecurity workers is one of those perennial problems: much ink is spilled every year in assessing the scale of the problem, and what can be done about it. We have recently pointed out, for instance, the importance of stopping attacks before they happen, and the fact that you can't hire your way out of the skills shortage.
As we move into 2020, it's apparent that despite this focus on the problem, it has not been solved. There is still a huge skills gap when it comes to cybersecurity, and in many ways, it is getting worse. According to Cyber Crime Magazine, there may be as many as 3.5 million unfilled cybersecurity jobs by 2021, and recent high-profile cyber breaches provide further evidence that the problem is already becoming acute.
That said, there are some new trends emerging when it comes to managing this crisis. In this article, we'll take a look at some of the innovative ways that companies are getting around the problem.
The Widening Gap
First, some context. At the most basic level, the skills gap in cybersecurity is the product of a simple fact: there are more cybersecurity positions that need to be filled than there are qualified graduates to fill them. This is despite colleges encouraging students to study cybersecurity, and despite companies encouraging their existing employees to retrain.
Look a little deeper, however, and some other reasons for the shortage becomes apparent. One is that a worrying number of qualified professionals are leaving the cybersecurity sector. At cybersecurity conferences, it's not uncommon to see entire tracks about managing mental health, addiction, and work stress. As these experienced professionals leave the sector, this puts more pressure on younger, less experienced colleagues.
Secondly, a major source of stress for cybersecurity professionals is that they are often assigned total (or at least partial) responsibility for the losses caused by data breaches. In many cases, this is unfair, but persists because many companies still see "security" as a discrete discipline that can be dealt with in isolation from other IT tasks, corporate processes, and reputation management.
Training and Development
Addressing these issues requires more than just increasing the number of qualified graduates. Instead, businesses need to take more innovative approaches to hire, train, and retain cybersecurity staff.
These approaches can be broken down into three types. The first is that cybersecurity training needs to change from an event into a process. Some have argued that traditional, classroom-based cybersecurity training doesn't reflect the field and that this training needs to be delivered in a more vocational way. Instead of hiring one cybersecurity expert, companies should look to train all of their employees in the basics of cybersecurity.
In fact, even cybersecurity professionals might benefit from this type of training. Despite companies being resistant to spending more on employee training, investing in training has one of the highest ROI that investors can make. In addition, recent developments have made it clear that continuous training is needed – concerns about the security implications of 5G networks, for example, are now forcing seasoned professionals to go back to school.
Secondly, dramatic gains in cybersecurity can be achieved without employing dedicated staff. One of the major positive outcomes of the cybersecurity skills gap, in fact, has been the proliferation of free, easy to use security tools (like VPNs and secure browsers), which aim to make cybersecurity "fool-proof", even for staff with little or no technical training. These tools can be used to limit the risk of cyberattacks without the necessity of complex (and expensive) dedicated security solutions.
Third, the rise of "security as a service" suggests that the cybersecurity sector of the future is one that relies on outsourcing and subcontracting. Plenty of companies already outsource business processes that would have been done in-house just a few years ago – everything from creating a website to outsourcing pen testing – and taking this approach may provide a more efficient way to use the limited cybersecurity professionals that are available.
AI Tools: The Future?
Another striking feature of the cybersecurity skills debate, and one which is especially apparent as we move into 2020, is the level of discussion around AI tools.
Unfortunately, assessing the level of efficacy of AI tools when it comes to improving cybersecurity is difficult. That's because many cybersecurity professionals are skeptical when it comes to AI is a useful ally in this fight. In some ways, they are undoubtedly correct: in a recent study, one popular AI-powered antivirus was defeated with just a few lines of text appended to popular malware.
On the other hand, it must be recognized that cybersecurity pros have a vested interest in talking down how effective AI tools are. If AIs were able to protect networks on their own, after all, cybersecurity pros would be out of a job. Or rather they would be if there were not so many unfilled cybersecurity vacancies.
Ultimately, given the lack of qualified or trained professionals, AI tools are likely to continue to be a major focus of investment for companies from 2020 onwards. This, in turn, entails that IT professionals overcome some of their reticence about working with them, and begin to see AIs less as competitors and more as collaborators.
The Bottom Line
It's also worth pointing out that the individual trends we've mentioned can be seen as working against each other. In some cases, companies have attempted to overcome the skills gap by training large numbers of employees to perform cybersecurity roles. Others have gone in the other direction – outsourcing specific aspects of their cybersecurity to hyper-specialized companies. Others are taking a gamble that AI tools are going to eventually replace the need for (at least some of their) cybersecurity professionals.
Which of these trends is eventually going to dominate the market remains to be seen, but one thing is clear: 2020 is a critical juncture for the entire cybersecurity sector.
NextVR has been partnering with the NBA to livesream games for the last two years , and now it's going to cover the upcoming Finals. After each game, the service will upload free-to-watch highlights in a new high-resolution format to its dedicated NextVR app, which works with most virtual reality headsets. Those with higher-end VR gear like the HTC Vive Pro will be able to fully appreciate the higher-resolution format, according to a press release. The company's partnership with the NBA continues to be the only regular VR sports programming across all mainstream American sports (along with the occasional golf tournament ). via Engadget RSS Feed https://ift.tt/2JmjptE If New feed item from http://www.engadget.com/rss-full.xml , t
ASUS is moving further into the cryptocurrency hardware market with a motherboard that can support up to 20 graphics cards, which are typically used for mining . The H370 Mining Master uses PCIe-over-USB ports for what ASUS says is sturdier, simpler connectivity than other mining-focused motherboards. You can manage each port and graphics card with on-board diagnostics. One feature scans your system when you boot up to determine the status of each port, while there are onboard LEDs that signify a problem with components such as memory or the processor (there's space for an Intel 8th-gen Core CPU ). ASUS has added some other features to optimize mining as well. The H370 Mining Master follows last year's B250 Mining Expert, which had room for 19 CPUs via PCIe ports. ASUS says that board had far more sales than it expected, which prompted the company to keep t
I've been a big fan of Botnik Studios , the comedy group responsible for internet gems like the neural network-generated Coachella lineup poster containing bands like "Billions of Mario." They've been putting out consistently great parodies of Scrubs scripts , ads for beef , and handsome names for boats , each of them made using a predictive text keyboard. I was curious about what exactly this meant and how I, too, could utilize AI to create viral hits, so I called up Botnik Studios CEO and former Clickhole writer Jamie Brew to explain in the video above. Botnik has a browser-based Predictive Writer that you can load up with "voices", hence its name, Voicebox. It works in a similar way to your phone's predictive text, by suggesting a group... Continue reading… via The Verge - Tech Posts https://ift.tt/2LaYqr4