Ensuring Robust Cybersecurity Requires Both Man and Machine
By Arijit Banerjee
Throughout May and June 2017, a cyberattack originating outside India hit 48,000 systems nationwide, exposing the lack of cybersecurity readiness of critical installations and facilities in the country. More importantly, the ransomware attack affected the services of a government portal, while also crippling operations at one of the three terminals of India’s largest container shipping port. How prepared are we to tackle evolving cybersecurity threats? Does India have the skilled human resources to improve the cybersecurity posture of organisations?
Kaspersky Labs states that the growing digital sector makes India increasingly vulnerable to ransomware attacks with banks leading the vulnerability quotient. Yet, according to the 2017 Global Information Security Workforce Study, there will be a shortage of 1.8 million cybersecurity workers worldwide, by 2022. How can you address the paucity of skilled cybersecurity specialists?
Hands-on experience and industry inputs critical to cybersecurity training programmes
Acting on the need for skilled cybersecurity resources, the Data Security Council of India (DSCI), Sector Skills Council National Association of Software and Services Companies (SSC NASSCOM), and the Information Systems Audit and Control Association (ISACA) joined forces last year to build a long term roadmap to address the cybersecurity skills shortage. To train a qualified cybersecurity workforce, the industry has to leverage the services of the academia as well as edtech training organisations. By leveraging the services of industry experts and global resources, universities can address challenges such as quality of training, capability limitations, and availability of specialist trainers. Industry inputs and ongoing industry-academia knowledge exchanges are critical to ensuring the relevance of the programmes that the universities and research centres develop.
While industry bodies such as the Confederation of Indian Industry (CII) and NASSCOM are best placed to set the broad contours of the training programmes, the infrastructure of specialised professional training companies, edtech startups, and security consulting companies are needed to execute the training programmes and effectively deliver the training.
A model that training organisations, the industry, and government bodies in India can emulate is the cybersecurity apprenticeship model of the Department of Labor in the US. This is because hands-on training with up to date curricula is essential to tackling evolving threats such as autonomous malware. The US Department of Labor’s (DOL) apprenticeship framework in cybersecurity encompasses eight primary job functions, and a wide array of job-related competencies and technical skills. In the US, apprenticeships qualify people for specific, employer-defined jobs through training in real-world settings – faster than a traditional four-year college path does. 90% of the apprentices are ultimately absorbed by the industry.
In April 2017, Manipal Global Education Services (MaGE) and Deakin University of Australia announced a strategic alliance to start education and training programs in the cyber security space and established a Data Science and Cyber Security Centre of Excellence. This is a key step toward building a workforce of skilled cybersecurity professionals in India.
Can AI and machine learning replace humans in cybersecurity processes?
Autonomous malware, which is built using machine learning (ML) can infiltrate a system, collect and communicate data about that system, and remain undetected for days. Since most cybersecurity attacks are caused by human errors, can Artificial Intelligence (AI) and Machine learning replace humans in cybersecurity processes to deliver fool proof systems? Or does a robust cybersecurity process need both man and machine to work together?
An ideal combination of man and machine is the key to providing a better security posture and easing the shortage of skilled cyber personnel. This approach is expected to create cybersecurity processes that are capable of identifying both known and unknown threats and stop them in real time. The man-machine combination addresses two key cybersecurity concerns:
- Organisations can prioritise a prevention-based approach by which a majority of the decision-making process is automated and integrated in the security platform. The outcome: security teams are only engaged after the malicious activity has been terminated.
- Chief Information Security Officers (CISOs) are often reluctant to automate high-skill, high-stakes functions like vulnerability remediation or firewall change provisioning. If automation is left to run without proper checks and balances, it can potentially compound operational issues and compromise security.
In essence, AI automated tasks and workflows not only reduce initial resource burdens but they also produce downstream time-savings by avoiding rework due to human error or unforeseen security issues. Supplementing them with human supervision ensures robust security.
Evolving threats demand a modern approach to cybersecurity training
The demand for cybersecurity talent is high in sectors such as consulting, retail, government, BFSI and IT. Cybersecurity training institutions that provide education not only in technology but also in proactive techniques of cyber security and investigation offer a distinct advantage to learners. What’s the advantage? They are equipped to offer next-gen cybersecurity training that is agile enough to adapt to emerging threats. With complex technology stacks being the norm today, a realistic environment is critical to training security teams. Such a training engages users through repetitive active learning principles while using AI and machine learning to enhance the training content. The future of cybersecurity training involves working with real-life tools against actual malware in high-fidelity environments. Training as a team in realistic environment helps you increase the effectiveness of the training for your organisation. What’s more, a team-based training approach helps you develop cybersecurity leaders who can tackle cybersecurity needs holistically.