Last year’s cybersecurity trends are important in 2023 because they set the stage. Both companies and cyber criminals know the “new normal” of IT at a distance well. While WFH isn’t a new threat this year, it’s only a matter of time before attackers compromise multiple insecure home networks at the same time to manufacture a massive-scale breach of critical systems and services. It makes sense. With many staff using home broadband connections for both personal use and their jobs, the corporate attack surface has grown considerably.
The next point is the rush to cloud-everything, which will cause many security holes, challenges, misconfigurations and outages. The sheer volume of security alerts and potential threats is too much for humans to handle alone. Already, automation and machine learning help human security analysts separate the most urgent alerts from a sea of data and take instant remedial action against certain threat profiles. A July article in VentureBeat noted that Chase is using machine learning not only to target customers with more appealing marketing campaigns; the banking giant also uses supervised and unsupervised machine learning algorithms to identify known and novel security threats.
Consultancies are hiring most of the experienced IT Security professionals in the market and paying quite a bit of money, which in turn will drive up average salaries. It is imperative you hire a thought leader who is known in the market and can attract this talent from consultancy to in-house. Filling this critical role should make it that little bit easier to hire talent and to retain it.
We would highly recommend developing an internal training structure for IT technicians/Network Engineers to develop capability in IT security, whether delivered through external training consultancies or through your own senior personnel. Offer paid security qualifications to help them to progress – turning a business need into an employee benefit that supports retention.
|£35,000 - £60,000
|£65,000 - £85,000
CompTIA A+ / Network+ / Security+
CISA (Certified Information Systems Auditor)
CISM (Certified Information Security Manager)
CEH (Certified Ethical Hacker)
GIAC (Certified Penetration Tester)
CISSP (Certified Information Systems Security Professional)
CISMP (Certificate in Information Security Management Principles)