The IT security skills gap is affecting everyone, especially the channel
In today's world security is proving to be a significant challenge for the IT industry, especially the channel, according to CompTIA, the Computing Technology Industry Association.
Panel discussions at the latest series of ANZ channel community meetings held by CompTIA highlighted the fact that channel providers need to spend time discussing security with their customers, get to know their business needs, and stay engaged so they can provide ongoing advice as needs arise.
The panellists from Cisco, FireEye, Intel, and CyberArk discussed the future of the security landscape in Australia and New Zealand which, like the rest of the world, can expect a continuing evolution of both the threat landscape and the technology aimed at holding threats at bay. At the same time, certain technology, such as mobile devices, look set to come under greater attack over time, CompTIA says.
The ANZ Channel Community meetings also featured roundtable discussions, which covered security-focused topics as far ranging as the cloud, social engineering, disaster recovery, social media, and best practices for selling security in the channel.
Moheb Moses, CompTIA director Channel Dynamics and ANZ Community Director, says, "Unsurprisingly, social media featured prominently in the discussion. The proliferation of social media platforms continues to provide an extremely effective way of duping someone into releasing sensitive information or cracking login credentials.
"It's no longer an acceptable practice simply to lock down social media platform usage among employees. Instead, organisations need to provide training for, and put trust in, their employees. To make this strategy work for everyone, it is essential to put in place a clear agreement between the organisation and the employee about how to handle social media."
At the same time, the IT skills gap in Australia is also affecting the security landscape, with 86% of attendees at the March meetings saying that some degree of security skills gap existed in their organisation. Almost as many attendees (81%) said that they plan to minimise their IT security skills gap over the next year by partnering with other firms.
The emerging areas of cloud and mobile are the most important security skills to organisations in terms of ensuring high levels of IT staff expertise and minimising skills gaps (63% cloud security and 50% mobile security) according to attendees at the March meetings.
Other security skills of importance include backup/disaster recovery (45%), email (45%), education (45%), identity and access management (43%), and risk management (40%).
Three key takeaways from the panel, according to CompTIA are:
- Meaningful conversations with customers about the threat landscape is an important step for channel partners. They should ask customers all the critical questions about their business, then build a team of talent to help take them to the next level.
- Make sure customers truly know what their risk profile is based on the threat environments. This will help channel players deliver the best security services to their customers.
- Threats are always going to remain evasive. Attackers are always going to pivot to points of weakness, no matter where they are. Right now, it's all about smartphones, and this is likely to continue for some time.