It is estimated that there will be global cybersecurity expert shortages in the coming years. Millions of cybersecurity jobs will remain unfilled placing many organizations at risk. When it comes to cybersecurity staffing, companies may promote qualified employees from within their organizations or outsource some cybersecurity services to vendors after careful consideration of the risks. Cybersecurity outsourcing may make sense in some instances when niche security expertise is required in some areas or when simple routine tasks may not be worth the cost and effort of internal staff management.
Identity and Access Management in Modern Cybersecurity
Cybersecurity is the buzz name for network and system security which has existed for many years. However, due to the increasing connectivity of many devices and networks, cloud services, and remote workforce as a whole, the computer security risk landscape is expanding and is frequently referred to as cybersecurity.
One of the main objectives of cybersecurity is to protect data but high impact and frequent data breach incidents have increasingly challenged the cybersecurity community. There are hundreds of data breach incidents annually which are mostly caused by poor identity and access management processes. The majority of cyber attacks are caused by employee error who unwittingly give away their access information to hackers when they become victims of hackers’ phishing scams.
The computer security risks will continue to evolve as we change the way we use technology. For example, the increase in the number of connected portable devices, widespread proliferation of personal data, Bring Your Own Device (BYOD) policies of companies which allow employees to use their personal phones and devices for business purposes to save cost, as well as remote working and cloud storage or computing will continue to introduce new risks.
To better understand the cybersecurity risks, let’s first imagine how our world is evolving. Although we may not all immediately agree on the details of the cybersecurity evolution, we can all generally agree that the arrival of smart and self-driving cars, self-improving robots, artificial or augmented intelligence such as IBM Watson, and multitude of connected devices also called the Internet of Things (IoT) is inevitable.
Drones are already here in limited numbers and used for delivery, farming, and imaging. But drone capabilities and numbers are expected to grow. FAA predicts that drones will be a $90 billion industry within a decade. And Gartner estimates there are 6.4 billion Connected “Things” today which are expected to grow to 21 billion in 2020 out of which over 13 billion will be household devices used by consumers.
According to Henry Bagdasarian, Founder of Identity Management Institute “connected and smart devices which are also embedded in cars and household appliances will perform many tasks on our behalf; share information, make payments, and carry a ton of data thanks to the ever increasing data storage capacities of devices and decreasing costs. Data privacy and security risks will continue to be of utmost concerns, especially, the definition of identity theft will be expanded to include device identity takeover by another device. Proper management of device identity, security, connectivity to other devices, access, data sharing, and authorization to perform tasks will be crucial in the new tech world.”
Private and public sectors must work together to promote the cybersecurity profession and address the global cybersecurity expert shortages. IMI has published a cybersecurity career guide to guide and encourage IT professionals and students to join the cybersecurity industry.