Data breaches are becoming seemingly more and more frequent. In fact, there is an attack every 39 seconds. Now it’s unlikely that we’ll face a world crippling attack as dramatised by the likes of Die Hard 4.0 and Fast and Furious 8, but it’s these mounting numbers of smaller hacks that are slowly eroding public trust. Research by LogRhythm has shown that 80% of the UK public implicitly do not trust organisations to keep their data safe.
So, with more and more attacks, and less and less public trust, why are companies still adopting a reactive approach to cybersecurity?
It doesn’t drive profit (or does it?)
Well, in a small to medium sized business, cybersecurity may simply not be on the agenda. It’s costly and doesn’t drive sales, so it’s likely that these measures are simply left on the curb in favour of profit-driving initiatives. But, a 2017 survey shows that 89% of cybersecurity decision makers believe that improving their security measures would drive up customer loyalty.
But, what about large businesses? While they may have the resources to have a cybersecurity team, there is also much more room for error. It only takes one employee to reply to a phishing scam for the whole company to be at risk.
But, whatever the excuse may be, reactive cybersecurity measures simply don’t cut it. It’s no longer a matter of if you get attacked, it’s when.
There’s a lack of talent
However, perhaps a more pressing issue when it comes to cybersecurity is the overwhelming lack of talent in the area. A report from Frost & Sullivan and (ISC)2 found that by 2020 the global cybersecurity workforce will have more than 1.5 million unfilled roles.
There are already some initiatives in place to help plug this worrying skills gap such as The Cyber Schools Programme which is aimed at those aged between 14 and 18, with a target for at least 5,700 teenagers to be trained by 2021. We’ve also made cybersecurity a core feature of our courses, recognising that learning to code securely is really the only way we should be learning to code. But businesses themselves have to support this endeavour – by offering apprenticeships and other junior job opportunities for those starting out.
But more than this, we need to shout about cybersecurity from the rooftops. Because, not only do we need more cybersecurity professionals, but we need more people to be interested in cybersecurity – that’s the surefire way to ensure that we have enough enthusiastic talent going forward.