Content retrieved from: https://www.healthdatamanagement.com/list/10-top-cybersecurity-predictions-for-2019.

By Paulette Perhach – Nov. 7, 2018

A stunning statistic is reverberating in cybersecurity: An estimated 3.5 million cybersecurity jobs will be available but unfilled by 2021, according to predictions from Cybersecurity Ventures and other experts.

“It’s scary. Our power grid, our cars, our everyday devices — basically everything is online and able to be attacked,” said Georgia Weidman, author of “Penetration Testing: A Hands-On Introduction to Hacking.” Ms. Weidman is the founder of two cybersecurity companies, Bulb Security, where she is chief executive, and Shevirah, where she is chief technology officer. Shevirah specializes in security for mobile devices.

“It would certainly cause mass destruction if our power grid went down or our water pumps started going haywire or our dams decided to open all their sluices,” she said. “That’s actually something that could happen.”

According to a report released this year by the Identity Theft Resource Center, the number of data breaches tracked in the United States in 2017 hit a high of more than 1,500, up almost 45 percent over 2016. In one incident this year, the data of 29 million Facebook users was stolen.

In response to the sheer number of new digital gates that might be left open, employers and educators have had to become more creative in finding people to guard them.

They need penetration testers to simulate attacks to find and fix vulnerabilities that could be exploited by a real attacker.

They need malware analysts to find out what malicious programs do so they can protect from the attacks.

They need security researchers to discover new vulnerabilities in applications and other products — before the thieves do — so they can be fixed. They need security architects to make sure all the best practices are being followed.

According to the chief economist for LinkedIn, Guy Berger, there was a shortage as of September of 11,000 people with cybersecurity skills in the San Francisco Bay Area, 5,000 in New York and almost 4,000 in Seattle, the areas with the largest concentration of need. LinkedIn regularly issues work-force reports based on its analysis of jobs data in the United States.

Some major corporations have openly taken to hiring hackers to help protect them. An extreme example is Kevin Mitnick, who hacked into corporations, landed on the F.B.I. Most Wanted Fugitives list, went to jail for five years, but is now a security consultant to Fortune 500 companies and governments. As he says on his website about hackers, “It takes one to know one.”

Many companies are also putting less emphasis on the need for a college degree to qualify for a cybersecurity job, Ms. Weidman said. With an undergraduate degree in mathematics from Mary Baldwin College in Staunton, Va., and a master’s in computer science from James Madison University in Harrisonburg, Va., Ms. Weidman said she had seen how much hands-on experience really mattered in the cyberfield. That insight came early when she participated in the National Collegiate Cyber Defense Competition as a student.

The competition, which began in 2005, is held at colleges across the country and designed to test student teams’ abilities to detect and respond to outside threats and to protect services such as mail servers and web servers. The sponsors include high-tech companies like the defense contractor Raytheon and IBM, but also retailers like Walmart and transportation companies like Uber.

Recalling the difference between theoretical learning in college and hands-on experience, Ms. Weidman said she could do a lot of math about computer networking, “but could I actually manage a network at a company? Absolutely not.”

The people who were in community colleges would “wipe the floor with those of us at universities, because community colleges really were focused on how to do these things,” she said. “I think that people at the university level are starting to realize that we need more hands-on skills in cybersecurity, as well as just the theory.”

With that in mind, colleges and universities are changing their curriculums. Ms. Weidman is working with the Tulane School of Professional Advancement in New Orleans to build an online class for its Applied Computing Systems & Technology degree program.

At New York University, the Center for Cybersecurity has been operating for 20 years and graduates about 50 students annually. But this year, it created an online master’s program to help make the training more affordable in hopes of attracting more people to the field.

Students in cybersecurity get a 75 percent discount, so the master’s degree costs about $15,000, compared with about $60,000 for the traditional on-campus program. The online program enrolled 125 students in September and hopes to have 1,000 students annually within three or four years.

“Nationally, we graduate twice the number of psychology majors as opposed to engineers,” said Nasir Memon, professor and associate dean for online learning at the N.Y.U. Tandon School of Engineering. “We graduate as many park rangers as compared to computer scientists.”

Students frequently graduate in fields that lack opportunity for long-term careers, he said. If they want to switch to computer science in traditional programs, they can face daunting barriers, like multiple semesters of catch-up courses and a requirement to take the Graduate Record Examination.

“So one of the things we did is start a bridge program, where we say, we don’t care what you did in your undergrad; you could have done physics, anthropology, anything, just come on in,” Professor Memon said.

The welcome the school extends is in the form of an intense, four-month online program of computer science courses with a price of $1,500. If students pass, they are eligible for the full program.

This year, 230 students were accepted into the bridge program, 22 percent of them women. That number compares with 11 percent of women in the cybersecurity force over all, according to a 2017 report by the Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, Risk Management & Privacy.

Shamla Naidoo, global chief information security officer for IBM, has had success reaching out to mothers returning to work, as well as to veterans, to find potential cybersecurity workers.

“We’ve been talking about this for the last few years,” Ms. Naidoo said. “The first year, I spent a lot of time worrying about it. After that I thought, there’s no point in worrying about it, I’m going to have to go act, and I’m going to have to act in a nontraditional way. Posting a job description and hoping people are going to show up and apply to the job wasn’t working because the people just didn’t exist. So rather than trying to hire the skills and knowing they’re not as easily available, let’s create the skills internally.”

She created a system open to hiring people who have little or no experience, and, in many cases, even skills, in cybersecurity, with the understanding that they will come in, join a more experienced team and learn on the job. They are formed into teams of five to seven people solving one problem at a time, with the new employees teaming with more experienced security experts to watch.

Many skills from other industries are transferable to the cybersecurity field. Cybersecurity experts need to be able to communicate policies to, as Ms. Naidoo put it, “increase the cybersecurity I.Q.” of an entire organization. For example, people from a finance background might be able to educate their co-workers in accounting about cyberrisk.

She’s grown her team by about 25 percent over the last year with developers, consultants and research professionals. She said being more flexible in hiring, and hiring outside of the normal pipeline, had evened out some of the inequities in the field — like a relative dearth of minorities and women.

“To solve the skills shortage, we have to hire people who have the right aptitude, who have the right attitude, people who are curious, are willing to learn,” Ms. Naidoo said. “Outside of that, I have very few other criteria. I’m opening the aperture for where we look. I’m trying to hire in nontraditional places, nontraditional groups of people, and so I don’t expect them to have the skills or the experience that we need. I will hire people wherever I can find them.”

Michael Doran, 38, was a police officer in St. Louis for almost 10 years before going into cybersecurity.

“I quickly found out a lot of the older detectives were not doing a lot of the computer crimes,” he said. “I saw my opening there to make a niche for myself.”

After learning about the field of digital forensics, he took free, online courses through the National White Collar Crime Center. He then decided to get another bachelor’s degree and a master’s degree online in computer forensics and intelligence. He studied at Utica College from home while working full time.

He went to the cybercrimes unit as a forensic digital examiner within the St. Louis police department’s cybercrime unit. But it didn’t take long for the private industry to scoop him up.

“It was an offer I couldn’t refuse,” he said, speaking of more than doubling his salary to near six figures. “I took that chance, and I haven’t looked back since.”

He’s now a senior security consultant within the enterprise incident management team for Optiv, a cybersecurity company, where he performs digital forensics and interacts with clients.

More C-suite executives are filling their own skills gaps when it comes to cybersecurity, said Eric Rosenbach, co-director of the Belfer Center for Science and International Affairs at Harvard Kennedy School and former chief of staff at the Defense Department.

He runs an online class for working, senior-level executives “who are only now seeing how seriously they need to take it because they’ve seen so many other C.E.O.s get fired for major breaches,” said Mr. Rosenbach.

Offered at least six times a year, the classes educate 300 to 400 people each term. He says executives need to know how to minimize the legal, financial and public relations risks before an attack occurs.

Beyond the particular needs of firms in the cybersecurity arena, there is also a skills gap in the larger population that needs to be addressed, Mr. Rosenbach said.

“I’m surprised, even at Harvard, how few of the students here know very basic stuff about cyberhygiene, two-factor authentication, things like that, that people should be doing to protect themselves,” he said.

“One thing I don’t think people appreciate as much is that cyber is about human issues, it’s about training people not to do dumb things like click on spear-phishing links, holding people accountable. There’s a lot of human leadership involved in trying to improve cybersecurity.”

Content retrieved from: https://www.nytimes.com/2018/11/07/business/the-mad-dash-to-find-a-cybersecurity-force.html.

Warwick Ashford – 07 Nov 2018

The European Commission (EC) is encouraging cooperation across the region to ensure improved cyber security across the board, says Miguel Gonzalez-Sancho, head of the EC’s unit for cyber technology and capacity building.“From the EC’s perspective, if cyber security and data protection are not addressed sufficiently in a satisfactory way, the whole digital economy is in danger,” he told the EEMA ISSE 2018 cyber security conference in Brussels.

In the light of the fact that cyber attacks know no borders, Gonzalez-Sancho said the EU leadership was keen to close the vulnerabilities created by the fact that the cyber response capacity differs from country to country in the region.

“The threat is global, which means everyone is affected,” he said. “But there are differences in terms of [cyber defence] preparedness, and attackers will always go for the weakest link, putting the whole system at risk, so there is a need to increase resilience to cyber threats and incident response and to do it in a coordinated way.”

For this reason, Gonzalez-Sancho said the EC was looking for ways to enable more robust and effective structures to ensure strong cyber resilience and respond to cyber attacks.

The main areas of focus in the EU’s cyber security policy focus, he said, are building EU resilience to cyber attacks, creating effective EU cyber deterrence capability and strengthening international cooperation on cyber security.

To support cyber security policies, the EU is providing funding research and development projects to develop capacity solutions through the Horizon 2020 programme and for cross-border deployment and cooperation through the Connecting Europe Facility programme, which has a budget of €3bn.

“For the future, the commission has made proposals for the next budget cycle to step up the funding support in cyber security for research and innovation through the Horizon Europe programme and the new Digital Europe programme, with an overall budget of €9.2bn.”

The Digital Europe programme is aimed at supporting procurement of advanced equipment, tools and data infrastructure; supporting the best use of European knowledge, capacity and skills; ensuring wide deployment of the latest solutions across the economy; and reinforcing capabilities for network and information systems.

Other programmes with a cyber security dimension include the European Defence Fund and the European Security Fund, said Gonzalez-Sancho.

Other initiatives involving building cyber security capacity and cooperation, he said, include the NIS directive, the proposed EU cyber security act, and plans to set up an EU-wide certification framework for ICT products, services and processes.

In conclusion, Gonzalez-Sancho said that despite the expertise in Europe, there was the risk of losing ground without effective cooperation regionally and internationally.

Despite the challenges of adapting institutions to work this way and political and economic threats to cooperation, he said it was imperative to improve cyber security response.

Content retrieved from: https://www.computerweekly.com/news/252452087/Cyber-security-high-on-European-Commission-agenda.

11/5/2018

With billions of devices connected to the internet, the cybersecurity threat landscape is getting more complicated. From phones and desktop machines to servers, cloud applications and IoT devices, never before have more targets been available to those looking to cause harm.

According to research firm Enterprise Strategy Group (ESG), between 390,000 and 1 million new malware variations emerge every day. The average organization deals with over 200,000 security events daily. It’s estimated that, by 2021, there will be an astounding 3.5 million unfilled cybersecurity positions worldwide. This means that the threat landscape is not only getting more complicated, but it’s getting harder to manage these threats.

The emergence of AI and machine learning is bringing new intelligent capabilities to the mix to help provide more proactive visibility, control and mitigation of cybersecurity attacks. According to the ESG report, companies are increasingly looking to AI cybersecurity tools. Over 12% of enterprises have extensively deployed AI-based security analytics as of 2017, and 55% of surveyed firms plan to deploy machine learning and AI approaches to cybersecurity.

Advanced threat detection

AI algorithms are particularly good at pattern detection. Machine learning-based systems train on the vast existing databases of viruses and malware and can model the properties and characteristics of malicious programs. Once trained on these patterns, these AI systems can observe network traffic, data exchanges and system behavior to identify malicious patterns that might be worth closer examination.

In this way, AI-enabled cybersecurity tools don’t have to wait for the attack to occur before providing a response. So-called zero-day attacks, in which victim systems have no prior defense or awareness of the threat, can similarly be thwarted and prevented by smart cybersecurity software that learn from attacks on their own systems, as well as those from others in the network.

Similarly, AI cybersecurity tools can use their learning to determine patterns of attacks. The systems can categorize attacks based on threat level and adapt over time. They can determine whether the attacks originate from a specific location, target specific systems or fit specific categories. In this way, security researchers and security personnel can learn how to harden their environments to prevent future attacks and operate more proactively when faced with traffic from specific regions in the world or that target specific systems.

Proactive defense and threat mitigation

In addition to being better than humans or even traditional antivirus and antimalware systems at identifying and mitigating attacks, AI-enabled cybersecurity software can introduce new ways to defend and mitigate threats. Rather than simply shutting down servers or traffic in response to attacks, these systems can respond more creatively and adaptively to thwart attacks. In fact, the blunt response of shutting down systems in response to an attack might actually be the very thing that the attacker wants. From distributed denial-of-service attacks to attempts to harm critical infrastructure, the attacker wins by either overwhelming the system in question or by getting an overly aggressive response from security personnel.

Instead of these brute-force responses, AI cybersecurity tools learn how to thwart these attacks with adaptive responses that also minimize collateral damage. If an attack is trying to disrupt traffic, an AI-enabled cybersecurity tool might identify legitimate traffic from attacker traffic and split traffic to two different directions, keeping customers happy and keeping attackers at bay. If the system detects compromises to data or other infrastructure, it can apply backup data or systems so that any changes are reversed. The security tool can also respond in ways that the attacker can’t easily predict, emulating human behaviors instead of scripted cybersecurity responses.

Improved auditing of systems and patching

On the more mundane side, AI-based software is able to regularly probe systems, devices and data for vulnerabilities and apply patches and fixes to that infrastructure to prevent attackers from using previously identified means of compromising systems. Security analysts are regularly overwhelmed with the sheer scale of architectures and devices they need to protect. They have to constantly be aware of updates and patches that need to be applied to address yesterday’s security issues to prevent tomorrow’s problems. However, this is a near-impossible task for human operators.

While there are a number of automated systems that can be used to apply patches on a regular schedule or when updates are available, these are very much a one-size-fits-all approach and are subject to their own issues. Some updates can cause problems in functionality and need to be rolled back to prior versions. Others only work for specific devices or system configurations. AI-based cybersecurity tools more evenly and successfully apply patches to address security holes without introducing functionality problems. These AI-enabled systems can then continuously monitor systems, sources of patches and bug fixes, and additional sources to apply the right patches to the right systems at the right time.

Adapt to changing threats

Finally, with AI, systems are able to adapt to the continuously changing threat landscape. New devices, cloud applications, servers and systems introduce new threats that companies might not be aware of until the attacks occur. AI-based systems can creatively probe these systems to see what potential threats might emerge. This is a machine learning-enabled version of the penetration testing (pen testing) that software and hardware vendors regularly employ to make sure that their systems are as secure as possible.

Just as software quality assurance is increasingly being automated with AI capabilities, so too are penetration testing capabilities. AI-enabled solutions are increasingly emerging that provide continuous pen testing, as well as the ability for companies to respond to continuously evolving threats.

Content retrieved from: https://searchenterpriseai.techtarget.com/feature/AI-cybersecurity-tools-help-spot-threats-before-they-cause-harm.