Home working has exposed us all to more cybercrime. Here’s how to close the breach

(Jefferson Santos, Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Ruth Shoham, Chief Executive for Strategy and Partnerships, Israeli National Cyber Directorate & Yosi Aviram, Director, Cyber Cooperation, Israeli National Cyber Directorate


Cybercrime’s attack surface has increased because of the switch to home working.

• There is a growing gap in skilled cybersecurity practitioners – hence a need for more training.

• Israel is targetting the unemployed, ultraorthodox and school-age populations as cyber-employees of the future.

The COVID-19 pandemic has affected our lives across the board. The unemployment rate in many countries has crossed into the double digits, and economies have been badly hit due to the health restrictions imposed on travel and business. And people are using the virtual world – to confer, to do business, to study and to socialize – on a scale never seen before.

People’s homes have been modified to accommodate remote working, with no apparent reinforcement of their private communication infrastructures; some using their own private devices and others, end-point devices provided by their employers for home use.

From a cybersecurity perspective, the leap in the use of internet has presented cyber-attackers with a bigger-than-ever attack surface. New applications have been developed in a rush, some without adequate security measures. According to a report from cloud technology firm Datto, ransomware is still the number one threat; such attacks have increased both in number and in sophistication. The cybersecurity challenge, troubling enough prior to the pandemic, has only become bigger and wider.

Another point of concern is the growing gap in skilled cybersecurity professionals. According to a Kaspersky survey, 73% of businesses find it very difficult to hire IT security personnel. The High-Tech Human Capital Report by Israel’s Start-up Nation Central shows a rise of 16% in high-tech recruitments between 2018 and 2019, while the Burning Glass tech report on “the fastest growing cybersecurity skills on demand” estimates a growth of 164% in cybersecure application development jobs available. The State of Cyber Security Hiring Report finds that while IT job postings have risen by 30% since 2013, the number of cybersecurity posts has risen by 94% and take longer to fill. It is estimated that the global gap in cybersecurity professionals will rise to about 3.5 million in the coming three years.

With high-tech wages growing by 27% in relation to a 15% average, no wonder that cybersecurity professionals’ salaries are 16% higher than IT jobs, and governments and industry are struggling to recruit them. It seems that the usual recruitment methods won’t suffice, and we need to expand our scope and look for other populations to fill the gap.

In trying to revive damaged economies, governments are pouring money into initiating public works and by supporting citizens and businesses with allowances. But fewer governments are investing in cyber-professional courses and capacity-building – which could benefit society not only by closing the cybersecurity gap, but also in bridging the social gap.

It is high time governments boarded the “cyber-train”, meaning investing in hands-on training and capacity-building. Such investment has many invaluable benefits: Converting the unemployed to become cybersecurity practitioners will help in bridging the employment gap and assist in our security posture against cyber-attacks. Moreover, such an investment will have a positive and significant impact on economies, both by preventing damage caused by cyberattacks, but also by contributing indirectly to the economy. As salaries of IT employees are relatively high, the return on investment would be much quicker. One must also not forget the social benefits of reducing inequality, and fulfilling the WEF vision of the Great Reset.

Who can we train?

Most of the existing professional courses in cybersecurity are aimed at professionals in computer science that already have some experience in the field. One good example is the World Economic Forum’s Cybersecurity Learning Hub, which provides free cyber-courses for in-demand skills to address the global deficit in the cybersecurity workforce.

This is an immediate channel that may require less resources, yet will not suffice, and we should think of other potential populations as candidates. The Israeli National Cyber Directorate (INCD) recently initiated a programme called Cyber4s, designed to train capable young unemployed individuals with no university degree nor work experience. In a period of six months, the aim was for them to become qualified full-stack cyber-developers. The key to the programme’s success is that the syllabus was the product of joint public-private partnership, between industry, the NGO Start-up Nation Central and the 8200 Cyber Unit, a part of Israel’s defence forces. So participants had exposure to the real world of high-tech and a better chance of employment.

Another interesting channel is the one aimed at specific target populations, such as the ultraorthodox minority. This group is generally educated in religious schools that do not follow the core subjects of maths and English as other communities do. It is a challenge to train such demographics in technological professions, yet through a dedicated nine-month course, the candidates qualified as cyber-practitioners. This case study could serve as a model for other populations who lack the requisite maths and English needed as a basis for high-tech jobs.

Third is the “cyber-club” programme for young girls – and other similar school initiatives. The alumni say that such dedicated programmes have enabled them to study more freely and empower them to strive for careers in high-tech industries.

Collaboration to defeat cybercrime

The information technology domain is intensely dynamic. Attack patterns are being developed all the time, hence it is imperative that best practices are updated frequently. The industry innovates at a pace governments cannot keep up with. The key to a successful training programme is to take into account these variables, study the gaps, and adjust the syllabus according to current needs and to the advancements in the tactics and procedures. A solution that will bring together representatives of the high-tech industry, governments and NGOs.

The INCD has initiated a voluntary certification process for cyber-professions. The first profession to be declared is the “Cyber Practitioner”; its syllabus was defined according to the methodology of Unit 8200 and according to industry needs. Israel chose to lead by example by asking service providers for the government to be certified, thus inspiring the market to demand such certification too. Different countries may have different approaches: Some, like Singapore, require all professionals to be certified officially by law, whether working in the public or private sector.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum Platform for Shaping the Future of Cybersecurity and Digital Trust aims to spearhead global cooperation and collective responses to growing cyber challenges, ultimately to harness and safeguard the full benefits of the Fourth Industrial Revolution. The platform seeks to deliver impact through facilitating the creation of security-by-design and security-by-default solutions across industry sectors, developing policy frameworks where needed; encouraging broader cooperative arrangements and shaping global governance; building communities to successfully tackle cyber challenges across the public and private sectors; and impacting agenda setting, to elevate some of the most pressing issues.World Economic Forum | Centre for Cybersecurity

Platform activities focus on three main challenges:

Strengthening Global Cooperation for Digital Trust and Security – to increase global cooperation between the public and private sectors in addressing key challenges to security and trust posed by a digital landscape currently lacking effective cooperation at legal and policy levels, effective market incentives, and cooperation between stakeholders at the operational level across the ecosystem.Securing Future Digital Networks and Technology – to identify cybersecurity challenges and opportunities posed by new technologies and accelerate solutions and incentives to ensure digital trust in the Fourth Industrial Revolution.Building Skills and Capabilities for the Digital Future – to coordinate and promote initiatives to address the global deficit in professional skills, effective leadership and adequate capabilities in the cyber domain.

The platform is working on a number of ongoing activities to meet these challenges. Current initiatives include our successful work with a range of public- and private-sector partners to develop a clear and coherent cybersecurity vision for the electricity industry in the form of Board Principles for managing cyber risk in the electricity ecosystem and a complete framework, created in collaboration with the Forum’s investment community, enabling investors to assess the security preparedness of target companies, contributing to raising internal cybersecurity awareness.

The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security. Based on 9 common principles, the Call encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense and refrain from doing harm.

For more information, please contact us.

Bringing all relevant players to the table and understanding the needs of the market is something that governments and NGOs everywhere could work towards. The vision of establishing a joint working group of governments and industry to define basic cyber-professions and the minimal syllabus requirements is something that could bolster collective cybersecurity for us all.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

6 ways countries can prepare for the next infectious disease pandemic

Moves to create a Kosovo army have ‘deteriorated relations’ with Serbia: UN peacekeeping chief

Smart city experts should be looking to emerging markets. Here’s why

3 unexpected consequences of the US-China trade war

China and China-EU Relations in the New Era

Beyond ‘business as usual’. Addressing the climate change crisis

Eurozone at risk of home-made deflation and recession

We need to give voice to ‘We the Peoples’, says UN chief

With Libyans now ‘fighting the wars of others’ inside their own country, UN envoy urges Security Council action to end violence

German stock market is not affected by the Greek debt revolution while Athens is running out of time

Coronavirus: EU guidance for a safe return to the workplace

5 things COVID-19 has taught us about inequality

Pharmaceuticals: Commission refines intellectual property rules

All States have ‘primary responsibility’ to protect against hate attacks

How the ‘California effect’ could shape a global approach to ethical AI

South Korea: A cherished partner for the EU

Where is heading Putin’s Russia?

New Mozambique storm rips off roofs, brings lashing rain as aid response kicks in

UN refugee agency presses States to aid 49 refugees stranded on Mediterranean

Young translators at EU schools – Commission opens registration for 2020 translation contest

Negotiated two-State solution still ‘the only option’ for Palestine: Guterres

UN political chief calls for dialogue to ease tensions in Venezuela; Security Council divided over path to end crisis

State aid: Commission approves €1.2 billion French “Fonds de solidarité” scheme for small enterprises in temporary financial difficulties due to coronavirus outbreak

These are the top 10 global causes of death – but two diseases are in decline

Brazilian health: right or privilege?

Why the minutes and the months matter most to young people during the COVID-19 crisis

Stop cooperation with and funding to the Libyan coastguard, MEPs ask

Statement by the European Commission following the extraordinary meeting of the EU-UK Joint Committee

Why Eurozone urgently needs the ECB to print and distribute at least €500 billion

The remote doctor in the 21st century

Over 820 million people suffering from hunger; new UN report reveals stubborn realities of ‘immense’ global challenge

“France will be there, it will always be there!”, French President Hollande says in a rather disorganised speech; the Sting reports live from World Economic Forum 2015 in Davos

What just happened? 5 themes from the COP24 climate talks in Poland

More bank bailouts at taxpayers’ expenses

EP wants data protection guaranteed before allowing fingerprint exchange with UK

Business growth is key to post-pandemic recovery

A new paradigm for collaboration: mission-based ecosystems

Africa is ‘on the rise’, says UN chief Guterres, urging collaboration for better future

MEPs urge UK to break current deadlock

Gender equality and medicine in the 21st century: an equity unachieved

Commission supports Member States in tackling coronavirus hotspots with offer of four million additional doses of BioNTech-Pfizer vaccine to be delivered this month

These 4 companies are turning food waste into cosmetics, clothing and more

Ahead of State of the Union the European Youth Forum highlights lack of action on youth employment

More international support needed to curb deadly measles outbreak in DR Congo

White Coat, Stained red

Gas pipeline in the European Union. (Copyright: EU, 2012 / Source: EC - Audiovisual Service / Photo: Ferenc Isza)

EU Investment Bank approves € 1.5bn loan for Trans Adriatic Pipeline (TAP)

COVID-19 has accelerated India’s digital reset

Commission celebrates the 30th anniversary of the Jean Monnet Activities promoting European studies worldwide

Meet the Seed Warrior: the man on a mission to rescue India’s rice diversity

UN rights chief ‘extremely concerned’ over deadly crackdown on protesters in Iran

Amid COVID-19 constraints, UN women’s commission meets to push gender equality forward

COVID-19, higher education and the impact on society: what we know so far and what could happen

As rural communities age, their public transport is shrinking. It’s time to fix this

Why the future of food must be blue as well as green

The digital revolution will transform the steel industry

ILO: Unemployment to increase by 8.1 million in 2013-2014

Central Mali: Top UN genocide prevention official sounds alarm over recent ethnically-targeted killings

Eco-anxiety during the Pandemic

GSMA Mobile 360 – Africa on 16-18 July 2019, in association with The European Sting

Destroying nuclear waste to create clean energy? It can be done

More Stings?

Advertising

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s