Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Latest Comment: We've got a new caption contest! Enter and win a $$25 Amazon gift card.
7 Threats & Disruptive Forces Changing the Face of CybersecurityThis Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.
Tweet This
0 Comments
User Rank: Ninja
4/22/2019 | 7:25:14 PM
Automation and Orchestration - Two major trends are driving enterprises toward greater security automation across the board. First of all, security is using automation to scale incident response and security analysis to keep up with ever-multiplying threats. Second, as DevOPs and continuous delivery of software become de riguer at many organizations, the table stakes for IT automation across the board has risen considerably
Data Science - "Data science is as much a method and an approach
Coding - First of all, it's crucial for application security in a DevSecOps environment that requires optimal collaboration between security and development functions.
Privacy Expertise - Almost one in four cybersecurity professionals surveyed by ISSA say they don't believe they've been given the right level of training on data privacy.
Secure Cloud Management - According to Gartner experts, the drive to improve cloud security competencies in the face of massive enterprise shifts to the cloud is among the top seven security and risk management trends for 2019
Business Acumen - According to the ISACA study, "the most-prized hire in a cybersecurity team is a technically proficient individual who also understands business operations and how cybersecurity fits into the greater needs of the enterprise."
I have looked at this list, this seems to be unreasonable because the shortcomings of individuals who work in higher-level positions don't want to understand the intricate aspects of security. An article was written that talked about executives not having a clear strategic path or goal to address security issues. Now it is one of the main focuses as to how the business runs, the executives want to move their business requirements to staff members.
Let's be honest, with all the things organizations are asking from security experts, it sounds like they are trying to blur the lines instead of hiring competent personnel in those specific areas. Because if they want someone who has Data Science, AO, Business Acumen, Cloud Management, Privacy Expertise and coding, then why would they continue to work for that company, they should work for themselves because of their extensive skill-set (having all of that is invaluable).
The other thing that is not being addressed by companies is the fact that they don't want to pay for individuals who have years of experience with an assortment of skills. In the article where the gentlemen stated he wanted "coders", but what he did not say was that he wanted to hire those individuals fresh out of school or at a discounted rate (a lot of the coders are coming from overseas and their rates are much lower than the American rate). Companies want individuals who can look beyond code; but when it comes to compensation, the manager is the one who does the hiring and they often back away from bringing in a personnel with those skill-sets because that person would eventually take their job, it is sad, but it is just human nature.
Todd