J Patrick + Associates Blog

Is Your Cybersecurity as Solid as Your Building Security?

Posted by Kathleen Merz on Fri, Jun 24, 2016 @ 03:40 PM

It's not just about virus protection anymore

When thinking about security for your business, you’ve no doubt seen to it that your office building is well-protected. You’ve got an an alarm system, security cameras and/or a guard posted at the front at your building.

But there is another vulnerability that you might be overlooking that could do way more damage than anything lurking outside.

Increasing Costs of Invisible Threats

The alarming acceleration in the growth of cybercrime is making it difficult for analysts to zero in on what the real cost to businesses is, but it’s reaching record levels. One of the latest findings, according to the IBM Cost of Data Breach Summary is that attacks are growing in both volume and sophistication, increasing overall by 64% in 2015 from 2014, and steadily rising.

The higher complexity of these recent attacks are costing companies more than ever before. The study found that each compromised record can cost $158, with an even higher cost impact in regulated industries like healthcare - a whopping $355 per record. That can add up astronomically when there are thousands of entries.

 

It’s not Just About Virus Protection Anymore

These sophisticated attacks are getting smarter and stealthier, and can wreck havoc on your business unless you’ve got someone watching specifically for them. An undetected breach, even it it's only for a short period of time, can result in a potentially severe impact to both your business and your customers.. Each minute that the data remains vulnerable, the costs of containing the hack skyrocket.

The only way to mitigate the damage is to have a cyber security response team at the ready to perform incident forensics, stop data leakage, and report the breach to the appropriate agencies, partners, legal and customers immediately. A surprising amount of organizations, even ones in critical sectors like energy and utilities, are not prepared enough to deal with a serious attack.

 

An Ounce of Prevention…

With the cost of the average data breach climbing up to $4 million an incident, the only offense is to build the strongest defense and apply enterprise risk management. Given the growth and strength of the threats, security breaches have to be factored into the cost of doing business at this point. Investing in cybersecurity failsafes before you face a catastrophic problem is crucial, as it may be it’s too costly and difficult to play catch-up after an attack.

 

Calling in the Cavalry

Following increased reports of worsening high profile attacks, more and more companies have decided to take the proactive route, and are turning their ships in the right direction and making it a priority to recruit the right cybersecurity talent to properly protect their critical data.

hiring cyber security professional talent

Source: IT NEXT

No one wants to be the next Home Depot, (that recently agreed to pay at least $19 million to 50 million cardholders) or the Democratic National Committee, whose computers got infiltrated and combed for months only to have sensitive campaign information leaked, or completely lose the ability to provide service to customers, so what is a company to do?

 

According to Radware, Organizations under threat should consider:

  • A cyber security emergency response plan that includes an emergency response team and process in place.

  • Protecting its infrastructure from multi-vector attacks that can saturate the Internet pipe.

  • Including on-premise detection and mitigation with cloud-based protection for volumetric attacks.

  • Providing protection against sophisticated web-based attacks and website intrusions to prevent defacement and information theft.

  • Monitoring security alerts and examine triggers carefully. Tune existing policies to allow identification of real threats if and when they occur.


If you’re considering adding cybersecurity experts to your organization, you should:

    • Find the right expert for your business size and function. If you’re smaller, you can consider someone that fits a few classifications. If you’re larger, be prepared to go for a more specialized team if you need to protect a wealth of critical personal information.

    • Don't delay beginning your search. Some organizations are reporting that it can take 3-5 months to fill a senior position in some sectors.

    • Get help recruiting the perfect candidate, someone who fits what your business needs right now, as well as who seeks to adapt, keep up certifications and will grow as you and the tech changes.

 

 

 

 J. Patrick and Associates serves Information Technology firms that are looking to improve or expand their teams in mission-critical functions, where the success of the firm is highly dependent on the quality of certain hires. If your goal is to build a star cybersecurity team, contact us today:

Tags: Information Security, HR and Hiring, cyber-security, recruiting

Looking For Job Security? Think Cyber-Security

Posted by Alysa Wishingrad on Tue, May 24, 2016 @ 11:00 AM

job security cyber security

   

It’s an exciting and dynamic time in the cyber-security job market. Demand for security talent is outstripping demand at all levels from CISOs to first-level security support roles. This is a field offering salaries that are typically 9% higher than other tech roles, and more than that, it offers outstanding job security.

As long as there are bad actors out there who are looking to disrupt systems and steal information, there will be work for a large field of good guys determined to protect corporate and consumer data.

The Definition of a Growth Industry.

According to an article in Forbes, the security market, currently valued at around $75 Billion is expected to grow to $170 Billion by 2020. This translates to job growth a rate of 18%, (much faster than the average). When labor markets get this tight, employers of all types have to scramble, improvise and adapt.  This means that companies, institutions, government agencies, vendors and service providers have to invest in recruiting and retaining skilled security professionals, as well as dedicate more resources to training both current employees, and new hires from related fields.  

For candidates, this means more opportunity to work on technology and projects they have not previously been exposed to, increased security-focused responsibilities and larger budgets for vendor training, industry certifications and degree programs. It also means being afforded the time to attend these trainings.  

This environment of scarcity of skilled talent and increased resources means that entry into a security-focused role from another adjacent technology domain is easier than ever. Current employees will “get their shot” at responsibilities or positions they may not be 100% ready for (that word “qualified” is loaded, isn’t it!?).  And external candidates may also get hired despite having steeper learning curves in a particular industry or field.

The Burning Glass Report from 2015 identified that four years of experience is required for two-thirds of cybersecurity job postings. In their survey,  83% of survey respondents had four or more years of experience, as illustrated below in Figure 6.

 

How many years of experience do you have in IT Security  

“It is also interesting to note, however, that the majority (60%) of our respondents has 10 years or less of experience, an indication that new talent continues to be attracted to the field. Both government and private industries are contributing to building the future workforce with awareness campaigns on the careers available and skills needed, as well as scholarships and opportunities to test for aptitude.”

If you’re already in tech, but not at a company that’s willing to invest in your transition to security, begin working on certifications on your own. Then, when you’re ready to look for a new position, you’ll be all the more appealing to potential employers. But remember, the smart companies are the ones who are looking for candidates with adjacent qualifications, they know the market is too tight to go shopping for perfection.

If you think you’re ready to make the transition into cyber-security, contact our recruiters to discuss your potential move into this secure, exciting and well-paying field.



Tags: Job Search, network security, cyber-security, recruiting