Today’s interconnected economy is rife with digital forms of risk. Open the wrong email attachment, or unwittingly connect the wrong USB drive, and you could be exposing the entire office network, along with all the data connected to it.
In the post-covid age, when we’re all working from home, it’s more important than ever that we take these problems seriously, since there are more points of vulnerability when your business is spread across multiple home networks, where each individual employee is charged with maintaining the security of that network.
Clearly, there’s a considerable skills gap to bridge if this is going to work.
What is cybersecurity?
Put simply, cybersecurity refers to any measure put in place to protect your company’s digital assets. This might range from installing an antivirus or a firewall, to implementing a policy on BYOD (that’s bring-your-own-device).
Cybersecurity experts have a more specialised skillset than generalised IT workers. They need to understand the fundamental nature of networks and how they can be compromised. Moreover, the workforce more broadly needs to be educated on the shape of specific, common threats. By far the most common of these is the phishing attack.
According to government research polling 748 businesses over twelve months, 86% of them had experienced a phishing attack of some kind. Many businesses will find themselves inundated with malicious emails – and it is vital that staff knows how to recognise them and deal with them.
How serious is the skills gap?
Recruitment firm Robert Walters and data firm Vacancysoft have conducted research on hiring managers, and found that 58% of them rank information security as the single most required skill. Across Europe, 70% of companies claim to lack the appropriate talent in the area, with an estimated shortage of around 140,000 workers across the continent.
UK-based SMEs, according to the researchers, endure around 65,000 attacks a day. Though just a few thousand of these are actually successful, there’s a potential cost for each that goes all the way up into the millions.
Investing in current talent
Promoting from within is a tactic that’s reaped dividends for many businesses. Rather than attracting new talent from outside, it means training existing staff in cybersecurity. Existing staff are already inculcated in the business’s culture, and thus don’t have to endure a period of adjustment. This approach also has the advantage of boosting morale, as it will demonstrate to the wider workforce that progression within the business is possible, and that the business will back them financially, if necessary.
Paying for the necessary training might require a considerable one-off investment, however. Costs like these can be met through specialised forms of commercial finance, but the expenditure will make the business more cost-effective in the long-run.