With today’s cybersecurity attacks rapidly escalating to never-before-seen proportions and new threats constantly emerging, IT and cybersecurity professionals should be able to quickly pivot and develop the knowledge and skills to defend against these threats. However, a new study suggests that it takes more than three months for that to happen.
According to cybersecurity firm Immersive Labs of 35,000 cybersecurity professionals at 400 large organizations, it takes more than three months to develop the skills, knowledge and judgement to defend against emerging threats.
That lag is especially true in the infrastructure and transportation sectors, where it takes more than four months to develop skills after a threat emerges.
The firm’s study found that cybersecurity teams are prioritizing upskilling when it comes to defending against high-profile threats. For example, cybersecurity teams responded quickly to the Log4j vulnerabilities, with teams developing necessary skills within just two days.
Similarly, security pros are quick to defend against high-profile threat groups, including foreign nation-state actors and ransomware groups. The study singled out the alleged Russia-sponsored group that leveraged the SolarWinds Orion platform to infiltrate U.S. agencies and other organizations, saying that the skills to defend against that threat were developed eight times quicker than average.
Rebecca McKeown, director of human science at Immersive Labs, said in a statement that this data illustrates that the cybersecurity community needs to do a better job of responding quickly to all emerging threats, not just a select few high-profile ones.
Related: Cybersecurity Skills Gap Is Getting Worse, Report Says
“Cybersecurity presents a unique skills development challenge for humans,” McKeown said. “Responding to a hybrid real-world and digital battlespace which is always changing means continuous skills development is crucial to preventing skills decay and building cognitive agility.”
However, some industries are more prepared than others, including technology and financial services, which run nine and seven cyber crisis exercises per year, respectively.
Alarmingly, critical infrastructure organizations prepare the least, with just one exercise per year, according to Immersive Labs.
Another pain point identified by Immersive Labs’ study was ransomware, with the threat making up seven out of the top 10 least confidently answered cyber crisis scenarios.
On the flipside, application security teams are able to develop cyber capabilities faster than their counterparts defending the organization. According to the report, 78% of application security exercises are completed faster than expected, as opposed to 11% for cybersecurity labs, with the latter taking an average of 17 minutes longer than expected.
In a statement, James Hadley, Immersive Labs’ CEO, said the report illustrates the need for large organizations to gain visibility into their cybersecurity capabilities.
“Without measuring the ability of technical and non-technical teams to mitigate risk, a critical part of resilience is missing,” Hadley said. “Gaps in cyber knowledge, skills and judgment can have the same impact as technical vulnerabilities.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply