7 Cyber-Security Skills In High Demand - InformationWeek
IoT
IoT
IT Leadership // Security & Risk Strategy
News
8/8/2016
07:06 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail

7 Cyber-Security Skills In High Demand

Businesses around the world report a shortage in cyber-security talent. Here are the skills IT managers should be seeking to keep their data secure.
2 of 8

Intrusion Detection
Most respondents (53%) who participated in the survey released by Intel Security claim the cyber-security talent deficit is worse than the skills shortage in other IT professions. Intrusion detection is one of the cyber-security skills in 'critically short supply,' according to the report.
Intrusion detection involves discovering potentially harmful activity that could compromise the confidentiality, integrity, or availability of information, according to the SANS Institute. There are a few common types of intrusion detection. Network-based detection attempts to detect unauthorized behavior based on network traffic. Host-based detection tries to find illicit activity on a specific device. Physical detection involves finding threats on physical systems.
(Image: Weerapatkiatdumrong/iStockphoto)

Intrusion Detection

Most respondents (53%) who participated in the survey released by Intel Security claim the cyber-security talent deficit is worse than the skills shortage in other IT professions. Intrusion detection is one of the cyber-security skills in "critically short supply," according to the report.

Intrusion detection involves discovering potentially harmful activity that could compromise the confidentiality, integrity, or availability of information, according to the SANS Institute. There are a few common types of intrusion detection. Network-based detection attempts to detect unauthorized behavior based on network traffic. Host-based detection tries to find illicit activity on a specific device. Physical detection involves finding threats on physical systems.

(Image: Weerapatkiatdumrong/iStockphoto)

2 of 8
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Ludivina
50%
50%
Ludivina,
User Rank: Apprentice
4/7/2017 | 8:19:13 PM
Instagram followers
Yea, it is just wonderful to see how the security changes can make a huge impact on the cyber-net.
Benefiter
50%
50%
Benefiter,
User Rank: Apprentice
11/17/2016 | 2:41:45 PM
Re: efekt synergiczny gdańsk
I am glad that you shared this helpful information with us.
Benefiter
50%
50%
Benefiter,
User Rank: Apprentice
11/12/2016 | 9:54:04 AM
Re: pisanie tekstów dodatkowy zarobek
Thank you, I've been seeking for info about this subject matter for ages and yours is the best I have discovered so far.
Benefiter
50%
50%
Benefiter,
User Rank: Apprentice
11/3/2016 | 9:18:56 AM
Re: Quotes : Happy Birthday

It's actually a cool and useful piece of information. I am glad that you shared this helpful information with us.
DonT183
50%
50%
DonT183,
User Rank: Apprentice
9/7/2016 | 1:06:51 AM
Re: Just be the point of reference
Except Social Engineering is exactly how we defeated multi-factor authentication at Banks and Classified Engineering facilities.  How else will the smoker let you in the badge access door if your hands are not busy?  How else will the nice lady put her thumb on the biometric sensor to let us in to meet the CISO?  Who else would assume because you cannot get throught the door without a badge that it is OK if the screen saver lockout does not engage?  Two factor as a mitigation for Social Engineering?  That really is funny.

Now turning our antics into training video for staff on what not to do when a stranger penetrates the building security -- that is both lesson learned and enjoyed.  A whole firm got video clips, popcorn and fun jokes and never forgot it.  The picture of my InfoSec team member in an Electrician's suit who has no idea what half the tools in his belt are for is a priceless picture.  
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
8/16/2016 | 8:17:27 PM
Re: Just be the point of reference

@Markjfowler    Thank you for your advice and insight.   I appreciate your examples of carrying out Two Factor authentication, something I will experiment with in the future. 

And I agree, company backing is paramount, since there has to be some sort of repercussion for careless practice.

Markjfowler
50%
50%
Markjfowler,
User Rank: Apprentice
8/16/2016 | 11:42:42 AM
Re: Just be the point of reference
The social engineering threat can be mitigated by Two Factor authentication.  These can be device identity certs or better would be RSA Tokens (either from a dongle or a smart-phone app.)  Combine that with standard login security and a corporate policy that includes termination for passing off the security token.  If you don't protect all parts of the 2-factor, it becomes useless.  If somebody leaves their token plugged into their computer and then lets another person log in, that could be termination or at the least a Human Resources file memorandum.  There has to be a stick to smack fingers with, or two-factor is another expensive speedbump with a hole in the middle.
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
8/15/2016 | 6:48:51 PM
Re: Just be the point of reference

@vnewman2     That is great that everyone gets to get their hand in the Security Pie.   And I like your message to endusers.   As a sys admin ( and the only IT ) for an SMB, I feel weighed down by security even though I understand it's importance of course.

I just recently had a security audit on my network, so I am interested in learning the results thereof, I am relatively confident that structurally our security is fine, however I have a social engineering threat alive and well within the company and I am trying to patiently coach them, even though I would think anything I am conveying is actually common sense.  

Oh Well, not everyone thinks about this stuff.

umutarcn
50%
50%
umutarcn,
User Rank: Apprentice
8/12/2016 | 7:39:47 PM
Quotes : Happy Birthday
Merely having someone who's job it is to be on top of that stuff is more than most organisations seem to do right now, so it's a good starting point.
vnewman2
50%
50%
vnewman2,
User Rank: Ninja
8/12/2016 | 5:19:13 PM
Re: Just be the point of reference
@Technocrati - Agree and think there will always be some sort of human intervention needed but obviously the level of involvement will change.  I work for a global company our "security team" is a hodge podge of network engineers, enterprise architechts, data comm, various admins, the Exchange team, etc.  Actually we tell all of our IT people that we are on the "security team."  When we've done presentations to the masses, we tell them as an end-user, they are too (to the degree that they can not do anything to inadvertantly set up an attack.)
Page 1 / 2   >   >>
Register for InformationWeek Newsletters
Video
Current Issue
The Next Generation of IT Support
The workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll