Editor’s Note: This is your weekly cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive weekly updates here.
Consider this. The Defense Department’s Joint Regional Security Stacks (JRSS) program is being shut down for now, because it is behind schedule, undermanned, riddled with connectivity and security issues, according to an internal Pentagon evaluation report released yesterday. JRSS is part of major IT reform to reduce the DOD’s vulnerabilities and access points. According to the Federal Computer Week article, Citing cyber risk, Pentagon watchdog wants to pause JRSS, the “lack of personnel seems to be one of the biggest challenges to the JRSS. The Army ‘could not certify that they had sufficient manning to assume the JRSS mission’ and the Defense Information Systems Agency, which is the prime integrator for the program, reported that it was 17 government positions short, needing more engineers, administrators, development operations managers, and project managers.”
Across the government, businesses (large and small), organizations, and educational institutions, there is an enormous need for IT security experts to protect people and their information in today’s ever-increasingly volatile world. As discussed in Cyberattacks are a growing problem, but so is the shortage of cybersecurity workers, there continues to be a major shortage of talent in the IT security ranks.
The statistics are staggering. According to the latest (ISC)² CYBERSECURITY WORKFORCE STUDY, 2018, the shortage of cybersecurity professionals is close to three million globally. Sixty-three percent of respondents report that their organizations have a shortage of dedicated cybersecurity staff.
In the United States alone, the need for cybersecurity experts is growing exponentially. “There’s at least hundreds of thousands, if not over a million, unfilled cyber jobs in the United States,” says Will Carter with the Center for Strategic and International Studies.
Workforce development is one of the top priorities for the Oregon Cybersecurity Advisory Council (OCAC) as was reported this week by Oregon Business.
In addition, education programs across Oregon are seeing a rise in students pursuing cybersecurity programs. For example, Oregon State University, Mt. Hood Community College, and other schools have been pressing hard to train and get as many skilled cybersecurity workers as possible ready to enter into and be effective in this growing field. Additionally, the recently announced Warner Pacific University’s sourceU is another option in downtown Portland that is working to train more cybersecurity professionals. Cyber Oregon covered that news here
Bret Fund, an expert with Secureset Cybersecurity Academy, says the massive data breaches we keep hearing about helped fuel businesses to hire more cybersecurity workers to protect customer and company data. “For the last four years, there’s been this absolute explosion of the need for these people, and there’s no way the job market can catch up to that,” said Fund.
In order to provide the highest level of security to protect data, companies must ensure that the IT staff is supported by company leadership, and employees need to follow the guidelines that the IT staff develops. It’s this type of team effort that will help protect employees and companies from hackers.
What’s more, there are multiple threats on the international level backed by rogue governments that can spend millions of dollars to pay hackers to do their dirty work. Just this week the Director of National Intelligence, Dan Coats, testified before Congress about cybersecurity threats from around the world. “China, Russia, North Korea, and Iran are advancing their cyber capabilities, which are relatively low cost and growing in potency and severity.”
Yet even with the doom and gloom being discussed, there are ways that people and companies can improve their chances of protecting themselves from hackers.
Forbes technology council member Paul Lipman highlighted three ways that protection can be improved in Three Trends That Could Keep Cybersecurity On Its Toes In 2019:
- Identify your weakest link: For all of the promise of the internet of things, there is a huge security risk involved. It’s important to know what devices are connected to your network, identify users and understand typical behavior to help pinpoint unusual behavior, and make sure that all of the software is up to date.
- Artificial intelligence is a double-edged sword: Will computers take over the human race? Not likely. Lipman suggests that companies “create multiple layers of protection to ensure attackers can’t easily infiltrate or take advantage of human error. It also helps to customize open algorithms or use a diverse set of algorithms so that if one is attacked, the others can spot the anomalies.”
- Service providers need to raise their game: Increasing competition from communication service providers (CSPs) and internet service providers (ISPs) demonstrate that they need to find ways to differentiate their services from their competitors. New services require advances in security in order for customers to buy the services. The increase in competition will help lead to improvements in IT security services.
Cyber Oregon partner blog post of interest
- Sword & Shield: Implementing Defense in Depth in the Cloud