Home working has exposed us all to more cybercrime. Here’s how to close the breach

(Jefferson Santos, Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Ruth Shoham, Chief Executive for Strategy and Partnerships, Israeli National Cyber Directorate & Yosi Aviram, Director, Cyber Cooperation, Israeli National Cyber Directorate

Cybercrime’s attack surface has increased because of the switch to home working.

• There is a growing gap in skilled cybersecurity practitioners – hence a need for more training.

• Israel is targetting the unemployed, ultraorthodox and school-age populations as cyber-employees of the future.

The COVID-19 pandemic has affected our lives across the board. The unemployment rate in many countries has crossed into the double digits, and economies have been badly hit due to the health restrictions imposed on travel and business. And people are using the virtual world – to confer, to do business, to study and to socialize – on a scale never seen before.

People’s homes have been modified to accommodate remote working, with no apparent reinforcement of their private communication infrastructures; some using their own private devices and others, end-point devices provided by their employers for home use.

From a cybersecurity perspective, the leap in the use of internet has presented cyber-attackers with a bigger-than-ever attack surface. New applications have been developed in a rush, some without adequate security measures. According to a report from cloud technology firm Datto, ransomware is still the number one threat; such attacks have increased both in number and in sophistication. The cybersecurity challenge, troubling enough prior to the pandemic, has only become bigger and wider.

Another point of concern is the growing gap in skilled cybersecurity professionals. According to a Kaspersky survey, 73% of businesses find it very difficult to hire IT security personnel. The High-Tech Human Capital Report by Israel’s Start-up Nation Central shows a rise of 16% in high-tech recruitments between 2018 and 2019, while the Burning Glass tech report on “the fastest growing cybersecurity skills on demand” estimates a growth of 164% in cybersecure application development jobs available. The State of Cyber Security Hiring Report finds that while IT job postings have risen by 30% since 2013, the number of cybersecurity posts has risen by 94% and take longer to fill. It is estimated that the global gap in cybersecurity professionals will rise to about 3.5 million in the coming three years.

With high-tech wages growing by 27% in relation to a 15% average, no wonder that cybersecurity professionals’ salaries are 16% higher than IT jobs, and governments and industry are struggling to recruit them. It seems that the usual recruitment methods won’t suffice, and we need to expand our scope and look for other populations to fill the gap.

In trying to revive damaged economies, governments are pouring money into initiating public works and by supporting citizens and businesses with allowances. But fewer governments are investing in cyber-professional courses and capacity-building – which could benefit society not only by closing the cybersecurity gap, but also in bridging the social gap.

It is high time governments boarded the “cyber-train”, meaning investing in hands-on training and capacity-building. Such investment has many invaluable benefits: Converting the unemployed to become cybersecurity practitioners will help in bridging the employment gap and assist in our security posture against cyber-attacks. Moreover, such an investment will have a positive and significant impact on economies, both by preventing damage caused by cyberattacks, but also by contributing indirectly to the economy. As salaries of IT employees are relatively high, the return on investment would be much quicker. One must also not forget the social benefits of reducing inequality, and fulfilling the WEF vision of the Great Reset.

Who can we train?

Most of the existing professional courses in cybersecurity are aimed at professionals in computer science that already have some experience in the field. One good example is the World Economic Forum’s Cybersecurity Learning Hub, which provides free cyber-courses for in-demand skills to address the global deficit in the cybersecurity workforce.

This is an immediate channel that may require less resources, yet will not suffice, and we should think of other potential populations as candidates. The Israeli National Cyber Directorate (INCD) recently initiated a programme called Cyber4s, designed to train capable young unemployed individuals with no university degree nor work experience. In a period of six months, the aim was for them to become qualified full-stack cyber-developers. The key to the programme’s success is that the syllabus was the product of joint public-private partnership, between industry, the NGO Start-up Nation Central and the 8200 Cyber Unit, a part of Israel’s defence forces. So participants had exposure to the real world of high-tech and a better chance of employment.

Another interesting channel is the one aimed at specific target populations, such as the ultraorthodox minority. This group is generally educated in religious schools that do not follow the core subjects of maths and English as other communities do. It is a challenge to train such demographics in technological professions, yet through a dedicated nine-month course, the candidates qualified as cyber-practitioners. This case study could serve as a model for other populations who lack the requisite maths and English needed as a basis for high-tech jobs.

Third is the “cyber-club” programme for young girls – and other similar school initiatives. The alumni say that such dedicated programmes have enabled them to study more freely and empower them to strive for careers in high-tech industries.

Collaboration to defeat cybercrime

The information technology domain is intensely dynamic. Attack patterns are being developed all the time, hence it is imperative that best practices are updated frequently. The industry innovates at a pace governments cannot keep up with. The key to a successful training programme is to take into account these variables, study the gaps, and adjust the syllabus according to current needs and to the advancements in the tactics and procedures. A solution that will bring together representatives of the high-tech industry, governments and NGOs.

The INCD has initiated a voluntary certification process for cyber-professions. The first profession to be declared is the “Cyber Practitioner”; its syllabus was defined according to the methodology of Unit 8200 and according to industry needs. Israel chose to lead by example by asking service providers for the government to be certified, thus inspiring the market to demand such certification too. Different countries may have different approaches: Some, like Singapore, require all professionals to be certified officially by law, whether working in the public or private sector.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum Platform for Shaping the Future of Cybersecurity and Digital Trust aims to spearhead global cooperation and collective responses to growing cyber challenges, ultimately to harness and safeguard the full benefits of the Fourth Industrial Revolution. The platform seeks to deliver impact through facilitating the creation of security-by-design and security-by-default solutions across industry sectors, developing policy frameworks where needed; encouraging broader cooperative arrangements and shaping global governance; building communities to successfully tackle cyber challenges across the public and private sectors; and impacting agenda setting, to elevate some of the most pressing issues.World Economic Forum | Centre for Cybersecurity

Platform activities focus on three main challenges:

Strengthening Global Cooperation for Digital Trust and Security – to increase global cooperation between the public and private sectors in addressing key challenges to security and trust posed by a digital landscape currently lacking effective cooperation at legal and policy levels, effective market incentives, and cooperation between stakeholders at the operational level across the ecosystem.Securing Future Digital Networks and Technology – to identify cybersecurity challenges and opportunities posed by new technologies and accelerate solutions and incentives to ensure digital trust in the Fourth Industrial Revolution.Building Skills and Capabilities for the Digital Future – to coordinate and promote initiatives to address the global deficit in professional skills, effective leadership and adequate capabilities in the cyber domain.

The platform is working on a number of ongoing activities to meet these challenges. Current initiatives include our successful work with a range of public- and private-sector partners to develop a clear and coherent cybersecurity vision for the electricity industry in the form of Board Principles for managing cyber risk in the electricity ecosystem and a complete framework, created in collaboration with the Forum’s investment community, enabling investors to assess the security preparedness of target companies, contributing to raising internal cybersecurity awareness.

The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security. Based on 9 common principles, the Call encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense and refrain from doing harm.

For more information, please contact us.

Bringing all relevant players to the table and understanding the needs of the market is something that governments and NGOs everywhere could work towards. The vision of establishing a joint working group of governments and industry to define basic cyber-professions and the minimal syllabus requirements is something that could bolster collective cybersecurity for us all.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

Can India reduce deaths on one hazardous road to zero? This group is trying

COVID-19 tracing apps: MEPs stress the need to preserve citizens’ privacy

Politics still matter in the US but not in Europe

MEPs list conditions for new EU-Azerbaijan deal

South Korea once recycled 2% of its food waste. Now it recycles 95%

The unique role of business in building social good

Will the French let Macron destroy their party political system?

Yemen: ‘Living hell’ for all children, says UNICEF; Angelia Jolie calls for ‘lasting ceasefire’

Brexit: UK business fear of a no-deal scenario preparing for the worst

How to build long-term resilience in vulnerable communities

EU-UK relations: solutions found to help implementation of the Protocol on Ireland and Northern Ireland

This woman changed the world of work – and you’ve probably never heard of her

The Eurogroup offered a cold reception to IMF’s director for Europe

Trump stumbles badly on his Russian openings; Europeans wary of Putin

COVID-19: EU helps to deliver vaccines to Moldova and medical items to Montenegro and North Macedonia

Boosting the EU’s Green Recovery: EU invests over €2 billion in 140 key transport projects to jump-start the economy

4 ways to improve the lives of older people

Antitrust: Commission imposes binding obligations on Gazprom to enable free flow of gas at competitive prices in Central and Eastern European gas markets

EU4Health: 9.4 billion EUR budget needed for new EU health programme

A Sting Exclusive: “One year on from the VW scandal and EU consumers are still in the dark”, BEUC’s Head highlights from Brussels

European Semester 2018 Spring Package: Commission issues recommendations for Member States to achieve sustainable, inclusive and long-term growth

The French army is enlisting sci-fi writers to predict the future

What meat consumption has brought to the environment and how herbal diets can help human health

Here’s the secret to financing a greener future

Anti-vaccination: a private choice leading to collective outcomes

Consumer product quality: MEPs take aim at dual standards

This is how we can save millions of people from extreme poverty after COVID-19

Yemen: Security Council backs new mission in support of key port city truce

Scientists have created the world’s ‘first psychopath AI’

UN refugee agency presses States to aid 49 refugees stranded on Mediterranean

Take medical use of cannabis seriously, say MEPs

First-ever EU defence industry fund to finance joint development of capabilities

Parliament toughens its position on banking union

West Darfur tensions could see 30,000 flee across Sudanese border to Chad: UN refugee agency

China dazzles the world with her Silk Road plan to connect, Asia, Europe and Africa

Budgetary Control Committee asks for stronger measures to protect EU spending

Europe plans to send satellites into space to monitor CO2 emissions

Euro-Mediterranean Assembly fixes its permanent seat in Rome

EU to lead one more fight against climate change at G7 summit

New EU visa rules – Questions and Answers

4 ways leaders are driving innovation in the public sector and revolutionising governance

Electronic Cigarettes: A booster or alternative to Smoking?

Fostering intergenerational solidarity and cooperation through age-friendly environments: the right answer to Europe’s demographic challenge

‘Virtual Biopsy’ device detects skin tumours in 15 minutes

Where EU air pollution is deadliest

Eurogroup: IMF proposes Germany disposes

Where do Americans stand on immigration? They’re not as divided as you might think

“Scalpel, please”. For how long hearing this from a woman will be a surprise?

These are the skills young people will need for the green jobs of the future

Mergers: Commission clears acquisition of joint control over INWIT by Telecom Italia and Vodafone, subject to conditions

Why infrastructure is the only way to fight a COVID-19 recession in the US

MEPs want ambitious funding for cross-border projects to connect people

A Europe that Protects: Commission calls for more efforts to ensure adoption of security proposals

Nigeria floods: Guterres ‘deeply saddened’ by loss of life and rising need

EU young translators’ contest kicks off!

How trade wars pose a threat to the global economy

Why precision medicine won’t transform healthcare – but governance could

Fairer, simpler, more flexible EU farm policy: MEPs vote on post-2020 reform

#WorldBicycleDay: 5 benefits of cycling

Investing in rural women and girls, ‘essential’ for everyone’s future: UN chief

More Stings?

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: